Subject: Re: pkg_delete "Executing" output
To: Jeremy C. Reed <firstname.lastname@example.org>
From: grant beattie <grant@NetBSD.org>
Date: 02/10/2005 17:47:52
Content-Type: text/plain; charset=us-ascii
On Wed, Feb 09, 2005 at 10:44:29AM -0800, Jeremy C. Reed wrote:
> > The reason for this is one of security. For almost all users, these
> > commands are run as the root user; the commands are taken from a file
> > in the filesystem hierarchy (which is not itself checksummed). From a
> > security POV, I want to know what commands are being run, even if you
> > don't want to, because files can be modified, made to point to
> > additional scripts, etc.
> I am not sure how this could be useful for security. Having numerous
> "rmdir" lines scroll by makes it so nobody would want to read the output
> in the first place and it also hides any more interesting messages.
=2E. and there are hundreds, if not thousands, of operations per
pkg_add/pkg_delete that are done as root and we don't echo them all,
so the statement is self-inconsistent.
I agree it should be reverted and discussed, like any other proposed
change (and from the look of it, the vote seems to be for the way unix
has always been - "no news is good news", as someone said).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (NetBSD)
-----END PGP SIGNATURE-----