Subject: Re: pkg_delete "Executing" output
To: Jeremy C. Reed <>
From: Alistair Crooks <>
List: tech-pkg
Date: 02/10/2005 23:01:58
On Thu, Feb 10, 2005 at 10:38:40AM -0800, Jeremy C. Reed wrote:
> On Thu, 10 Feb 2005, Alistair Crooks wrote:
> > So now OS mismatch is a valuable message, and yet commands which are
> > run as root on your behalf are not?
> We trust the package maintainers and pkgsrc developers to put the correct
> commands to be executed, just like we trust that the package's
> INSTALL/DEINSTALL and the software itself is not malicious.

And there are a number of people who are a bit more paranoid than that
- not just me, but the one on this list who made the environment to
build packages in a chroot.  I distinctly remember the days of the
trojaned configure script, when connections were opened up to remote
sites (which could be running as root, although we had just-in-time su
by then in pkgsrc).  As for new packages, one of those could easily
have something malignant inside it.  No way will I trust them.
> > So the display of commands run as root is now making it so that you
> > can't view anything else?  I do find that hard to believe.
> We should not have to grep through the output.

pkgsrc/misc/screen has a number of benefits, including scrollback. 
The NetBSD console now has the ability to keep scrollback too. 
Xterms, Eterms, mlterms all have history. The tools are there to
be used.
> > 10% is not "just about every package", or they're teaching statistics in
> > a different way since I was at university.
> (Your example before mentioned  538 lines from all of pkgsrc not
> including dynamic generated PLISTs.)
> I mentioned before two examples:
>   pkg_delete perl and you will see around 66 excess lines displayed.
>   pkg_delete p5-perl-headers and get around 466 messages about it running
>   "rmdir".

Yes, 538 out of 5349 packages makes roughly 10%. This, to me, was
inconsistent with the claim that "just about every package" has
@exec and @unexec lines in their PLISTs.

How many times (except for bulk builds, which are only run by a
small subset of hardcore developers) do you install perl or
> Who doesn't trust the @unexec and @exec lines? And if so, why?
> (I assume it is a small minority and they can use -v or -vv.)

I, for one, don't trust them.

If you can't think of any way to exploit this, let me know, and I
shall send you offline mail detailing one scenario I can think of
which would cripple operations and leave no trace of who had caused
the grief.