On Wed, 20 Jun 2007 15:15:20 +0200 Matthias Schwarzott <[EMAIL PROTECTED]> wrote:
> On Mittwoch, 20. Juni 2007, Olivier Crête wrote: > > > > I will claim that almost any file in /etc is potentially sensitive > > (even if it does not contain passwords, if may contain other > > informations interesting to a cracker). And even if we did what you > > propose, we'd run the risk of missing some and giving the user a > > false sense of security. > > > > Maybe we should document somewhere that the only way to make bin pkg > > that are safe for public distribution is to do emerge -b or -B .. > > And that pkgs built with quickpkg may contain sensitive information. > > If there is smart conf-file updating inside pkg_preinst(), I think > even emerge -b could be unsafe. preinst is run after building the tbz2 package. Marius -- Marius Mauch <[EMAIL PROTECTED]> -- [EMAIL PROTECTED] mailing list
