On 17 Mar 1999, Kai Henningsen wrote: > [EMAIL PROTECTED] (Jules Bean) wrote on 16.03.99 in <[EMAIL PROTECTED]>: > > > Is having a long Unpack-Commands header preferable to an unpack control > > script? > > > > I would have thought the latter was more flexible. > > That's *why* the header solution is preferrable. Ian has always pointed > out (and I now think he's right) that we do not want arbitrary scripts > executed on unpacking the source. That's just too dangerous. > > Of course, you could still put this in a separate file and _call_ that an > "unpack script", but the important thing is that it needs to have a > severely restricted syntax that does *not* allow calling arbitrary > commands.
(I confess to playing devils advocate) Why is it dangerous to allow arbitrary scripts to be executed? We allow arbitrary scripts to be executed from debian/rules. That's pretty dangerous, isn't it? I could slip an rm -fr ~ into a debian/rules in a package I maintain. Presumably, you trust me not to do that. Jules /----------------+-------------------------------+---------------------\ | Jelibean aka | [EMAIL PROTECTED] | 6 Evelyn Rd | | Jules aka | [EMAIL PROTECTED] | Richmond, Surrey | | Julian Bean | [EMAIL PROTECTED] | TW9 2TF *UK* | +----------------+-------------------------------+---------------------+ | War doesn't demonstrate who's right... just who's left. | | When privacy is outlawed... only the outlaws have privacy. | \----------------------------------------------------------------------/
