Also, judging from the number of packages that are submitted and approved via/from the package submission tracker, i don't think that it is reasonable to say that most packages that have SUID bit binaries are maintained by competent people. What's to stop someone from "./configure --prefix=%p &&make&& make install", submitting it, and still having NO idea what is actually in the package?
Thanx, JP
On Dec 13, 2003, at 3:21 PM, Darian Lanx wrote:
Now if I simply mention in an info file that a "SUID" file will be installed-SNIP-
The packages that do install SUID binaries are probably maintained by people who know a lot about the things they package up and thus they can be trusted by the things they do.
---- It's all fun and games 'til someone writes to a NULL pointer!
smime.p7s
Description: S/MIME cryptographic signature
