Re: The Python Registrar
On Mon, Feb 25, 2002 at 12:55:01PM +1000, Anthony Towns wrote:
> On Sun, Feb 24, 2002 at 05:38:25PM +0100, Carel Fellinger wrote:
> > Are you sure all package names are sane? Or could some joker distribute a
> > (non official ofcourse) python package with a name just waiting to exploit
> > this unsanitized use of its name in a script running as root?
>
> Huh? Aren't these things only called after the package is installed (or while
> it's installing)? In which case, the joker's non-official python package has
> already had it's postinst run as root, and the joker already has complete
> control of your machine.
Your right, I'm wrong and clearly overreacting.
--
groetjes, carel
Reply to: