Re: Usage of dpkg under cygwin

To: Claes Wallin <clawa570@cyd.liu.se>
Cc: debian-win32@lists.debian.org
Subject: Re: Usage of dpkg under cygwin
From: Robert Collins <robert.collins@syncretize.net>
Date: 12 Oct 2002 08:43:40 +1000
Message-id: <[🔎] 1034376220.11103.51.camel@lifelesswks>
In-reply-to: <[🔎] 20021011152721.GA3020@h20.ryd.student.liu.se>
References: <[🔎] 20021009195122.5615.qmail@web13306.mail.yahoo.com> <[🔎] DAF80C8A-DBC7-11D6-AA35-0003937562B8@where2getit.com> <[🔎] 20021011152721.GA3020@h20.ryd.student.liu.se>

On Sat, 2002-10-12 at 01:27, Claes Wallin wrote:
> Of course we need to take security seriously, but I'm not convinced
> that demanding unnecessary privileges or faking them does that. These
> files don't need to be owned by root or seem to be owned by root during
> the packaging process - we should be able to just tell tar to override
> the fs metadata. I realize that the current system works, but I reserve
> the right to call it a silly hack.

Yep, and requiring root ownership during package creation adds *nothing*
to security, because anyone with 30 mins to spare can create a tar that
allows arbitrary user ownership during creation.

Rob

Reply to:

References:
- Re: Usage of dpkg under cygwin
  - From: James Michael DuPont <mdupont777@yahoo.com>
- Re: Usage of dpkg under cygwin
  - From: Paul Baker <pbaker@where2getit.com>
- Re: Usage of dpkg under cygwin
  - From: Claes Wallin <clawa570@cyd.liu.se>

Prev by Date: Re: Usage of dpkg under cygwin
Next by Date: Re: Usage of dpkg under cygwin
Previous by thread: Re: Usage of dpkg under cygwin
Next by thread: Re: Usage of dpkg under cygwin
Index(es):
- Date
- Thread