> The original complaint was that when using makepkg -sic, the sudo > password is cached after dependency installation and malicious sudo > commands might be executed during build() as the password is cached. > > My opinion on this is that we should not encourage people to use sudo, > Aaron suggested to move it here for further discussion. What do you think?
Couldn't you just add an option to kill sudo after dependency installation? _______________________________________________ pacman-dev mailing list [email protected] http://www.archlinux.org/mailman/listinfo/pacman-dev
