Hi,

ext Aniello Del Sorbo wrote:
> Frantisek Dufka wrote:
>> Aniello Del Sorbo wrote:
>>> I mean, if my apps need to be called as "helloworld" and it looks at
>>> a conf file called "helloword.conf", why I have to copy the
>>> executable in /usr/bin and the conf file in /etc while I can just
>>> copy it to /usr/local/bin (owned or writable by 'user') and the conf
>>> file in /usr/local/etc ? (just to give an example) and add
>>> /usr/local/bin to the path?
>>
>> Yes it was similar except /usr/local was /var/lib/install. And it was
>> done in such way that no package could ever put file outside of
>> /var/lib/install (the only way that gives you some additional security
>> you probably want).
>>
>> So you had 2 classes of packages (system ones in / and user ones in
>> /var/lib/install) which made system more complex and prevented you
>> from making 'system' packages i.e. ones which modifies or extends the
>> system in interesting way.
>>
>> Frantisek
>>
> I do not want that either.
> I am not saying we should run dpkg in a chrooted environment.
> I am only saying we should run it with the -x (I think) option that
> points to something like /usr/local where user can write. In this case
> there would be no need to gain root privileges unless the .deb is a
> system package (and the system could ask for a password, a la Mac OS X).

Sorry that I didn't understand you at first.

> As it is now, and as I understand it, every .deb can brick my device if
> it has been built from a malicious user.

Even something run as user can make the device pretty unusable either at install time (e.g. by messing up with Gconf keys or removing some other user configuration or data files), or at run time by eating all resources or killing all your apps.

As to the other security aspects, anything you install onto your (Maemo/Linux/Windows) machine can spy on anything you do (which passwords you enter to the Browser etc). The warnings you get when you install a new package are there for a reason!

The only thing that helps with this is more and wider testing (and of course developers being more careful etc).

- Eero