From: "Olivier Crête" <tester@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] how to handle sensitive files when generating binary packages
Date: Wed, 20 Jun 2007 18:41:03 -0400 [thread overview]
Message-ID: <1182379263.12859.13.camel@localhost> (raw)
In-Reply-To: <200706201828.00854.vapier@gentoo.org>
[-- Attachment #1: Type: text/plain, Size: 2181 bytes --]
On Wed, 2007-20-06 at 18:28 -0400, Mike Frysinger wrote:
> On Wednesday 20 June 2007, Olivier Crête wrote:
> > On Wed, 2007-20-06 at 17:19 -0400, Mike Frysinger wrote:
> > > the use of the binpkg is not an issue, it's the creation ... people
> > > blindly creating tbz2's which could contain their sensitive files and
> > > posting them
> > >
> > > i'll just go ahead with the feedback from Olivier and have quickpkg skip
> > > CONFIG_PROTECT by default
> >
> > This will by default create potentially broken packages (since many just
> > wont work without their CONFIG_PROTECTed files). That's why I suggested
> > a big fat warning and accepting that we can't protect users against
> > themselves or against social engineering (aka their own stupidity).
>
> i think this would only be an issue where quickpkg is being run
> non-interactively and the output not being reviewed (which i also dont think
> is a common scenario for quickpkg) ... the new output of quickpkg will be
> explicit in what it is (or isnt) doing so there wont be any issue of "drive
> by" social engineering
Well, I often use quickpkg when I want to try a new version of a package
(I quickpkg the currently installed one.. and I want to keep all the
config files). Then I emerge the new one, and I absolutely want to be
able to restore the config files if I want to revert to an older
version, either because they have been broken by the pkg_postinst or
something else. I still haven't heard a good reason to change anything
thats not the printing in quickpkg.
> as for dubbing people who are successfully socially engineered "stupid", i
> dont really think that's appropriate ... consider noobs on irc in #gentoo who
> just want to help and havent learned their way around yet. are they stupid
> (well they might be, but lets give them the benefit of the doubt) ? i'd
> liken the situation to a kid growing up ... kids arent stupid, they lack
> experience and calling them stupid isnt constructive
I'm not calling anyone stupid... but I'm talking of our inner stupidity
(which we all have)...
--
Olivier Crête
tester@gentoo.org
Gentoo Developer
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
next prev parent reply other threads:[~2007-06-20 22:44 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-06-20 4:47 [gentoo-dev] how to handle sensitive files when generating binary packages Mike Frysinger
2007-06-20 10:45 ` Andrew Gaffney
2007-06-20 10:49 ` Marius Mauch
2007-06-20 11:54 ` [gentoo-dev] VDB Changes (Was Re: how to handle sensitive files when generating binary packages) Steve Long
2007-06-20 19:57 ` [gentoo-dev] how to handle sensitive files when generating binary packages Mike Frysinger
2007-06-20 20:18 ` Petteri Räty
2007-06-20 20:27 ` Mike Frysinger
2007-06-20 20:35 ` Ciaran McCreesh
2007-06-20 20:48 ` Olivier Crête
2007-06-20 20:55 ` Ciaran McCreesh
2007-06-20 20:54 ` Mike Frysinger
2007-06-20 21:01 ` Ciaran McCreesh
2007-06-20 21:19 ` Mike Frysinger
2007-06-20 21:22 ` Ciaran McCreesh
2007-06-20 21:38 ` Mike Frysinger
2007-06-20 21:48 ` Ciaran McCreesh
2007-06-20 21:59 ` Mike Frysinger
2007-06-20 22:02 ` Olivier Crête
2007-06-20 22:28 ` Mike Frysinger
2007-06-20 22:41 ` Olivier Crête [this message]
2007-06-20 22:50 ` Mike Frysinger
2007-06-20 23:11 ` Chris Gianelloni
2007-06-20 23:44 ` Mike Frysinger
2007-06-20 22:31 ` Chris Gianelloni
2007-06-20 22:35 ` Ciaran McCreesh
2007-06-20 22:49 ` Luca Barbato
2007-06-20 23:08 ` Chris Gianelloni
2007-06-20 23:12 ` Daniel Ostrow
2007-06-20 23:51 ` [gentoo-dev] " Steve Long
2007-06-20 23:18 ` [gentoo-dev] " Ciaran McCreesh
2007-06-21 7:57 ` Tobias Klausmann
2007-06-20 22:58 ` Jan Kundrát
2007-06-20 21:04 ` William L. Thomson Jr.
2007-06-20 21:11 ` Ned Ludd
2007-06-20 21:38 ` Mike Frysinger
2007-06-20 13:04 ` Olivier Crête
2007-06-20 13:15 ` Matthias Schwarzott
2007-06-20 15:43 ` [gentoo-dev] " Duncan
2007-06-20 16:44 ` [gentoo-dev] " Marius Mauch
2007-06-20 20:07 ` Mike Frysinger
2007-06-20 20:12 ` Ciaran McCreesh
2007-06-20 20:19 ` Andrew Gaffney
2007-06-20 20:25 ` Ciaran McCreesh
2007-06-20 20:53 ` Andrew Gaffney
2007-06-20 21:09 ` William L. Thomson Jr.
2007-06-21 1:38 ` [gentoo-dev] User warnings (Was Re: how to handle sensitive files when generating binary packages) Steve Long
2007-06-21 1:42 ` [gentoo-dev] Re: how to handle sensitive files when generating binary packages Steve Long
2007-06-21 0:13 ` [gentoo-dev] " Josh Saddler
2007-06-21 2:24 ` Mike Frysinger
2007-06-21 3:04 ` Mike Frysinger
2007-06-21 3:18 ` Josh Saddler
2007-06-21 6:11 ` Ned Ludd
2007-06-21 6:23 ` Vlastimil Babka
2007-06-21 6:17 ` Vlastimil Babka
2007-06-22 6:24 ` Mike Frysinger
2007-06-20 20:26 ` Mike Frysinger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1182379263.12859.13.camel@localhost \
--to=tester@gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox