On 05/15/2010 12:14 PM, Gene Heskett wrote: > They are NOT in /usr/src/redhat nor in /root/rpmbuild. >> >> You really shouldn't be playing with source RPMs as root. Look in your >> user RPM sandbox: > > Whilst I agree we should be as careful w root as possible - if someone is willing to install a binary rpm as root - how is that more secure than building the source to the same package? I know in theory the build could execute scripts etc .. but .. Do we think redhat/fedora provide src rpm's which have things in them (ie bad) that are not in the binary ? Or the other way round ? Or both ? Or are the concerns for non-fedora packages? -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
