> > Doesn't matter. If a malicious package can already install to > directories in $PATH, it can replace or override an existing program > already being run by the scripts you're trying to secure. > > For instance, one of the first things /etc/rc.d/init.d/rc does is run > 'stty sane'. Replace the stty command with a something malicious, and > it doesn't matter how well secured the boot scripts are. > > Simon. >
Maybe I'm saying something stupid here, but I think you're losing the fact that the installation is done with the pkg-user hint. Your install script has not the right to replace the file of another package (tty for example), you are not root. -- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
