From: Mike Frysinger <vapier@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] how to handle sensitive files when generating binary packages
Date: Wed, 20 Jun 2007 18:28:00 -0400
Message-ID: <200706201828.00854.vapier@gentoo.org>
In-Reply-To: <1182376965.12859.7.camel@localhost>
On Wednesday 20 June 2007, Olivier Crête wrote:
> On Wed, 2007-20-06 at 17:19 -0400, Mike Frysinger wrote:
> > the use of the binpkg is not an issue, it's the creation ... people
> > blindly creating tbz2's which could contain their sensitive files and
> > posting them
> >
> > i'll just go ahead with the feedback from Olivier and have quickpkg skip
> > CONFIG_PROTECT by default
>
> This will by default create potentially broken packages (since many just
> won't work without their CONFIG_PROTECTed files). That's why I suggested
> a big fat warning and accepting that we can't protect users against
> themselves or against social engineering (aka their own stupidity).

i think this would only be an issue where quickpkg is being run
non-interactively and the output not being reviewed (which i also don't think
is a common scenario for quickpkg) ... the new output of quickpkg will be
explicit in what it is (or isn't) doing so there won't be any issue of "drive
by" social engineering

as for dubbing people who are successfully socially engineered "stupid", i
don't really think that's appropriate ... consider noobs on irc in #gentoo who
just want to help and haven't learned their way around yet. are they stupid
(well they might be, but let's give them the benefit of the doubt) ? i'd
liken the situation to a kid growing up ... kids aren't stupid, they lack
experience and calling them stupid isn't constructive

-mike
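
A pre-publication check in the spirit of this thread, as an added example that is not part of the original message or of Portage's quickpkg: it lists the files in a package archive that sit under a CONFIG_PROTECT directory so they can be reviewed before the package is shared. The function names, the sample file list and the `/etc /var/bind` value are constructed for illustration, and it assumes the package payload can be read as a bzip2-compressed tar.

```python
import io
import tarfile
from pathlib import PurePosixPath

# Constructed sample file list; not taken from any real package.
SAMPLE_NAMES = [
    "./etc/ssh/sshd_config",
    "./etc/conf.d/net",
    "./usr/bin/sshd",
    "./etcetera/readme",            # must NOT match "/etc"
    "./var/bind/pri/example.zone",
]


def build_sample_pkg(names):
    """Constructed stand-in for a binary package: a tar.bz2 of empty files."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:bz2") as tar:
        for name in names:
            tar.addfile(tarfile.TarInfo(name), io.BytesIO(b""))
    return buf.getvalue()


def protected_members(pkg_bytes, config_protect):
    """Return archive members that live under a CONFIG_PROTECT directory."""
    # CONFIG_PROTECT is a whitespace-separated list of absolute paths.
    protected = [PurePosixPath(p) for p in config_protect.split()]
    hits = []
    with tarfile.open(fileobj=io.BytesIO(pkg_bytes), mode="r:bz2") as tar:
        for member in tar:
            if member.isdir():
                continue
            # Members are stored relative ("./etc/foo"); make them absolute.
            path = PurePosixPath("/") / PurePosixPath(member.name)
            # Compare whole path components so "/etc" does not match "/etcetera".
            if any(path == d or d in path.parents for d in protected):
                hits.append(str(path))
    return sorted(hits)


if __name__ == "__main__":
    pkg = build_sample_pkg(SAMPLE_NAMES)
    for path in protected_members(pkg, "/etc /var/bind"):
        print("review before sharing:", path)
```

On a Gentoo system the second argument would come from the live setting, for example the output of `portageq envvar CONFIG_PROTECT`.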