Thread: Do you want INSTALL FROM FILE back?
View Single Post
Flandry's Avatar
Flandry is offline Flandry
2010-01-12 , 13:39
Posts: 1,559 | Thanked: 1,786 times | Joined on Oct 2009 @ Boston
#21
Originally Posted by Matan View Post
Do you want me to upload a package with rm -rf / in postinst?

It is so obvious that installing a package might damage your filesystem. But this is true regardless of the package coming from a repository or from your local file system. The decision to only allow packages from repositories does nothing for security.
The security is only as good as the testing. Your root-formatting package would not last a day in -testing. That's the whole point; thank you for making it.
__________________

Unofficial PR1.3/Meego 1.1 FAQ
***
Classic example of arbitrary Nokia decision making. Couldn't just fallback to the no brainer of tagging with lat/lon if network isn't accessible, could you Nokia?
MAME: an arcade in your pocket
Accelemymote: make your accelerometer more joy-ful