Steve McIntyre writes: > There is a deeper worry about builds that may be done against the > "weak" background. Although buildd chroots are easily fixed up, > there's going to be a (small, but unknown) set of maintainers who > might be uploading binaries from merged systems. I think we're making > good progress on source-only uploads and building in clean chroots > etc., but... It's also likely not easy to pick up on "wrong" binary > packages built this way.
That is not a new problem: maintainers can already upload packages that refer to binaries in /usr/local/bin when they have locally installed binaries and autodetection using $PATH is used? /usr/local/bin is usually before /usr/bin and /bin after all. dpkg could add a "not-built-in-a-clean-chroot" flag to detect those. Ansgar