From: Paul de Vrieze
To: gentoo-dev@gentoo.org
Date: Fri, 19 Sep 2003 17:54:35 +0200
Subject: Re: [gentoo-dev] suggestion portage ebuild system file modification rights and protection
Message-Id: <200309191754.36146.pauldv@gentoo.org>
In-Reply-To: <200309080140.32886.jk@microgalaxy.net>

On Monday 08 September 2003 03:40, Jan Krueger wrote:
> On Sunday 07 September 2003 20:35, Jon Portnoy wrote:
> > What, that any situation involving installing software is going to have
> > security holes? That's the nature of software installation.
>
> Installing software at the end comes down to putting files at the right
> place.
> (on Windows you would add: modifying the registry)
>
> So that's exactly what portage should do: put files at the right place.
>
> The ebuilds may play in the sandbox whatever game they like.
> It should, however, in no way be possible for them to wipe your box.
>
> You agree?
>
> Jan
>

Please take a look at the sys-libs/db ebuilds. They use a function (from an
eclass) that is needed to ensure that uninstalling versions which are the
newest installed version works. Not having that code would actually introduce
a hard-to-diagnose bug if people downgrade. The code is fairly simple, but
certainly necessary. If you disagree, please suggest a better way to do the
same thing. Also, I don't see why removing postinst introduces much added
security. Any application can introduce a trojan in a patch (more obscure
than an ebuild) that gets installed suid root. There is no way you are going
to notice without stringent security measures, and packages get installed to
be run.

Paul

-- 
Paul de Vrieze
Gentoo Developer
Mail: pauldv@gentoo.org
Homepage: http://www.devrieze.net