On Thu, 2004-08-26 at 05:37, Jeff Johnson wrote: > Malicious code from untrusted package problem not going to be solved by > rpm_script_t alone afaict either. Right. We still need a mechanism for distinguishing among packages and running scriptlets in different domains based on either some property of the package (the authority that signed it) or some knowledge of the admin (i.e. he specifies the desired scriptlet domain for all packages obtained from a given repository in his yum.conf or similar). -- Stephen Smalley <sds@xxxxxxxxxxxxxx> National Security Agency
