Mailinglist Archive: opensuse (4344 mails)
| < Previous | Next > |
Re: [opensuse] apt-suser Security problem?
- From: Sören Wengerowsky <swengerowsky@xxxxxx>
- Date: Mon, 15 Aug 2005 14:07:35 +0200
- Message-id: <43008587.90108@xxxxxx>
Hello,
Christian Boltz schrieb:
Yes.. but can you check scripts with apt, too?
I think, apt works more or less automatically, so that you have no real chance to check them.
A solution might be to download the packages via apt, and then check them.
Yes.. checking this might be impossible.
But i think, the script kiddies who only want to damage systems will be not that inventive, and might only add a rm -rf / or so to a script.
greets
Soeren
Christian Boltz schrieb:
Am Sonntag, 14. August 2005 10:54 schrieb Sören Wengerowsky:
I don't know, if that's possible to perform, but i think, we should
think about something like that...
For installation-time issues, rpm -qp --scripts foobar.rpm should help.
Yes.. but can you check scripts with apt, too?
I think, apt works more or less automatically, so that you have no real chance to check them.
A solution might be to download the packages via apt, and then check them.
If you doubt a program has a run-time backdoor, check the sources.
Maybe the installation-time scripts can be checked more or less automatically - but the programs can't IMHO because they are too complex.
Yes.. checking this might be impossible.
But i think, the script kiddies who only want to damage systems will be not that inventive, and might only add a rm -rf / or so to a script.
greets
Soeren
| < Previous | Next > |