Re: Does Debian need to enforce a better Security policy for packages?

To: debian-security@lists.debian.org
Subject: Re: Does Debian need to enforce a better Security policy for packages?
From: Neil Schemenauer <nas@python.ca>
Date: Mon, 22 Oct 2001 10:32:17 -0700
Message-id: <20011022103217.A2579@glacier.arctrix.com>
In-reply-to: <20011022184619.A8341@dat.etsit.upm.es>; from jfs@computer.org on Mon, Oct 22, 2001 at 06:46:19PM +0200
References: <20011022184619.A8341@dat.etsit.upm.es>

Javier Fernández-Sanguino Peña wrote:
> Should we improve lintian in order to yell if some (destructive) action is
> taken upon installation/de-installation? Should we further limit the kind
> of commands available on this scripts?

That would be a waste of time, IMHO.  It would be trivial for a malicious
person to bypass these measures.

  Neil

Reply to:

References:
- Does Debian need to enforce a better Security policy for packages?
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>

Prev by Date: Re: Port Scan for UDP
Next by Date: Re: Firewall Related Question
Previous by thread: Does Debian need to enforce a better Security policy for packages?
Next by thread: Re: Does Debian need to enforce a better Security policy for packages?
Index(es):
- Date
- Thread