On Tue, Oct 18, 2016 at 06:03:28PM +0200, Jakub Wilk wrote:
> The WTFness of this code is certainly way above what we're normally used to,
> but (AIUI) it's only used as a fallback for nodejs < 4. Debian currently has
> 4.6.0.

In that case, perhaps this package isn't needed in Debian at all?

> > If you assume /root is root's home directory, and it's actually someone
> > else's directory, and you trust /root/.ssh/authorized_keys is root's
> > authorized ssh keys, you're going to have a bad time.
> Er, no. Making /root writable to another user is almost as clever as making
> /bin or /etc writable to others. A sysadmin who does that must be prepared
> to suffer consequences.

Agreed. Bad example, mea culpa.

I want to build worthwhile things that might last. --joeyh

Attachment: signature.asc
Description: PGP signature

Reply via email to