We all knew this was going to happen: http://www.cert.org/advisories/CA-2002-28.html
Given the variety of sources we use for obtaining source files, this is just an accident waiting to happen over and over again in fink. Running the compiles as root seriously exacerbates the problem. Can anyone remind us on the rationale this is done this way? I would prefer to create a minimally privileged user that is then used to run the compiles. Of course, this does not provide 100 % security (even a minimally privileged user can do harm, and the install later has to be done as root), but it does create another little hurdle. Gruesse, Carsten ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Fink-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/fink-users
