Subject: Re: pkg_delete "Executing" output
To: Jeremy C. Reed <firstname.lastname@example.org>
From: Alistair Crooks <email@example.com>
Date: 02/10/2005 23:01:58
On Thu, Feb 10, 2005 at 10:38:40AM -0800, Jeremy C. Reed wrote:
> On Thu, 10 Feb 2005, Alistair Crooks wrote:
> > So now OS mismatch is a valuable message, and yet commands which are
> > run as root on your behalf are not?
> We trust the package maintainers and pkgsrc developers to put the correct
> commands to be executed, just like we trust that the package's
> INSTALL/DEINSTALL and the software itself is not malicious.
And there are a number of people who are a bit more paranoid than that
- not just me, but the one on this list who made the environment to
build packages in a chroot. I distinctly remember the days of the
trojaned configure script, when connections were opened up to remote
sites (which could be running as root, although we had just-in-time su
by then in pkgsrc). As for new packages, one of those could easily
have something malignant inside it. No way will I trust them.
> > So the display of commands run as root is now making it so that you
> > can't view anything else? I do find that hard to believe.
> We should not have to grep through the output.
pkgsrc/misc/screen has a number of benefits, including scrollback.
The NetBSD console now has the ability to keep scrollback too.
Xterms, Eterms, mlterms all have history. The tools are there to
> > 10% is not "just about every package", or they're teaching statistics in
> > a different way since I was at university.
> (Your example before mentioned 538 lines from all of pkgsrc not
> including dynamic generated PLISTs.)
> I mentioned before two examples:
> pkg_delete perl and you will see around 66 excess lines displayed.
> pkg_delete p5-perl-headers and get around 466 messages about it running
Yes, 538 out of 5349 packages makes roughly 10%. This, to me, was
inconsistent with the claim that "just about every package" has
@exec and @unexec lines in their PLISTs.
How many times (except for bulk builds, which are only run by a
small subset of hardcore developers) do you install perl or
> Who doesn't trust the @unexec and @exec lines? And if so, why?
> (I assume it is a small minority and they can use -v or -vv.)
I, for one, don't trust them.
If you can't think of any way to exploit this, let me know, and I
shall send you offline mail detailing one scenario I can think of
which would cripple operations and leave no trace of who had caused