Ciaran McCreesh wrote:
On Wed, 20 Jun 2007 15:19:46 -0500
Andrew Gaffney <[EMAIL PROTECTED]> wrote:
I'm not sure that's really a feasible solution (but then you probably
weren't suggesting it with that intention). Being able to create a
"backup" of any installed package without re-emerging is pretty
handy. Many people use it and there would be a revolt if quickpkg
were removed.
Then live-filesystem-generated packages could be marked as 'not for
redistribution'.
That's certainly a lot more feasible. However, it would have to be marked in
some way that portage would recognize, and that marking could still likely be
easily removed.
This still allows the social engineering attack. Someone can get a binpkg
created with quickpkg of someone else's baselayout and then remove the marking
that would make portage gripe.
--
Andrew Gaffney http://dev.gentoo.org/~agaffney/
Gentoo Linux Developer Catalyst/Installer + x86 release coordinator
--
[EMAIL PROTECTED] mailing list
