On Wed, 2007-20-06 at 17:19 -0400, Mike Frysinger wrote: > On Wednesday 20 June 2007, Ciaran McCreesh wrote: > > On Wed, 20 Jun 2007 16:54:34 -0400 > > > > Mike Frysinger <[EMAIL PROTECTED]> wrote: > > > On Wednesday 20 June 2007, Ciaran McCreesh wrote: > > > > Mike Frysinger <[EMAIL PROTECTED]> wrote: > > > > > being able to generate binary packages that actually reflect the > > > > > live $ROOT is desirable > > > > > > > > Is being able to generate redistributable binary packages that > > > > reflect the live ROOT desirable? > > > > > > that's a feature that exists now that there's no reason to > > > disable ... not that it can be disabled > > > > I'm not suggesting forcibly disabling it, merely marking binary > > packages as "designed for distribution" or "not designed for > > distribution", not accepting the latter on other systems and > > requiring explicit user action to turn the latter into the former. > > > > The specific underlying question being, what are the use cases for > > binary packages? > > the use of the binpkg is not an issue, it's the creation ... people blindly > creating tbz2's which could contain their sensitive files and posting them > > i'll just go ahead with the feedback from Olivier and have quickpkg skip > CONFIG_PROTECT by default
This will by default create potentially broken packages (since many just wont work without their CONFIG_PROTECTed files). That's why I suggested a big fat warning and accepting that we can't protect users against themselves or against social engineering (aka their own stupidity). -- Olivier Crête [EMAIL PROTECTED] Gentoo Developer
signature.asc
Description: This is a digitally signed message part
