From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.62) (envelope-from ) id 1I16aQ-0002ib-MW for garchives@archives.gentoo.org; Wed, 20 Jun 2007 20:15:31 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.14.0/8.14.0) with SMTP id l5KKEXvG016804; Wed, 20 Jun 2007 20:14:33 GMT Received: from smtp.ferdyx.org (170.Red-213-96-222.staticIP.rima-tde.net [213.96.222.170]) by robin.gentoo.org (8.14.0/8.14.0) with ESMTP id l5KKCgKr014735 for ; Wed, 20 Jun 2007 20:12:43 GMT Received: from localhost (localhost [127.0.0.1]) by smtp.ferdyx.org (Postfix) with ESMTP id C5B828D3F8 for ; Wed, 20 Jun 2007 20:31:34 +0200 (CEST) Received: from smtp.ferdyx.org ([127.0.0.1]) by localhost (tungsteno [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 16111-08 for ; Wed, 20 Jun 2007 20:31:30 +0200 (CEST) Received: from snowflake (82-41-57-20.cable.ubr08.edin.blueyonder.co.uk [82.41.57.20]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.ferdyx.org (Postfix) with ESMTP id DC6228D305 for ; Wed, 20 Jun 2007 20:31:29 +0200 (CEST) Date: Wed, 20 Jun 2007 21:12:14 +0100 From: Ciaran McCreesh To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] how to handle sensitive files when generating binary packages Message-ID: <20070620211214.0cca11b9@snowflake> In-Reply-To: <200706201607.07713.vapier@gentoo.org> References: <200706200047.04951.vapier@gentoo.org> <1182344680.7336.18.camel@TesterBox.tester.ca> <200706201607.07713.vapier@gentoo.org> X-Mailer: Claws Mail 2.9.2 (GTK+ 2.10.11; i686-pc-linux-gnu) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 Content-Type: multipart/signed; boundary=Sig_Aou2F+iL0h+cl.cJ7BJRJ+f; protocol="application/pgp-signature"; micalg=PGP-SHA1 X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at ferdyx.org X-Archives-Salt: b51d4cda-9186-4bf7-aeea-a9b7a9fd814e X-Archives-Hash: 3b396ebeb7bde5a62302a6add3bf4fdc --Sig_Aou2F+iL0h+cl.cJ7BJRJ+f Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Wed, 20 Jun 2007 16:07:07 -0400 Mike Frysinger wrote: > no reason to write off something critical like this when it can be > addressed It can be addressed by banning binary package creation off an installed filesystem. --=20 Ciaran McCreesh --Sig_Aou2F+iL0h+cl.cJ7BJRJ+f Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFGeYoe96zL6DUtXhERAkbaAKCH8p9/xdhh0jTesnEZ3uC//pYIWwCbBitm xNSWIq6ymO0VIqJWUBiknP4= =nji4 -----END PGP SIGNATURE----- --Sig_Aou2F+iL0h+cl.cJ7BJRJ+f-- -- gentoo-dev@gentoo.org mailing list