On Fri, Sep 04, 2015 at 07:33:27PM -0400, Daniel Micay wrote: > Either way, the package can do whatever it wants as root when it's > installed. Building in a container is to provide protection from stupid > mistakes, not an attacker. >
It think it would be useful if pacman warned against packages containing setuid/setgid binaries.
