Aaron, > One possible concern with this approach is it might make malicious > actors disguise their efforts a bit more, say adding malicious > commands to the shell script shipped to /usr/bin instead of running > the command immediately as a .install hook.
interesting. this could turn out to be an "arms race", with each side innovating, the other responding.
