[lsb-discuss] [packaging] RFC: Berlin Packaging API

Sam Hart criswellious at gmail.com
Thu Feb 28 07:47:21 PST 2008

On Thu, Feb 28, 2008 at 10:33 AM, Robert Schweikert
<robert.schweikert at mathworks.com> wrote:
> <snip>
>  I certainly agree with the security issues raised by Dan and Sam. The
>  question is how hard would it be to teach dpkg and rpm to deal with more
>  than one db? And of course whether or not such a code change would be
>  accepted by the rpm and deb maintainers.

Well, conceptually, it could work something like:
* Package management system (or, more likely, a wrapper to the underlying
system) checks to see if they are being run as a non-privileged user,
if they aren't, make some local (likely ~/ dot file or dir) tiny db
that *only* includes data installed by the local users (e.g., this
isn't a clone of the system-wide package management systems' db).
* User-installed packages query a combination of the system-wide db
(it's read-only to non-privileged users) and the local user's db to
verify dependencies (this would allow for a local user to
install/upgrade their locally installed packages)
* System-wide installed packages would *only* query the system-wide db
(they wouldn't be aware of, or even care about any local user's
installed applications.)

Something like that would allow for the best of both worlds, without
compromising security.

While it's conceptually fairly simple, it would be hard to engineer
such a thing into existing package management systems *and* do so in a
package-management system agnostic way. E.g., you'd need *a lot* of
momentum to get such a thing going, unless you wanted to just do it as
a wrapper on your own.
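
The lookup rules sketched in the message above, modelled as a small wrapper (an added example, not part of the original post and not code from dpkg or rpm). The JSON db format, the file paths, the package names and the `install`/`load`/`demo` helpers are assumptions made for illustration; in a real deployment the system db would also be protected by file permissions.

```python
import json
import tempfile
from pathlib import Path

def load(db: Path) -> dict:
    """Read a db file (hypothetical format: JSON object, package name -> version)."""
    return json.loads(db.read_text()) if db.exists() else {}

def install(name, version, depends, system_db: Path, user_db: Path, privileged: bool):
    """Record a package after checking its dependencies; return the db written.

    privileged is passed in so the example is testable; a real wrapper would
    derive it from the effective uid (e.g. os.geteuid() == 0).
    """
    if privileged:
        # System-wide install: consult and write the system db only.
        target, visible = system_db, load(system_db)
    else:
        # User install: read system db plus user db, write the user db only.
        target, visible = user_db, {**load(system_db), **load(user_db)}
    missing = [d for d in depends if d not in visible]
    if missing:
        raise LookupError(f"{name}: unmet dependencies {missing}")
    own = load(target)       # only the target's own records are rewritten, so
    own[name] = version      # the user db never becomes a clone of the system db
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_text(json.dumps(own, sort_keys=True))
    return target

def demo():
    """Run the three rules on constructed data in a temporary directory."""
    with tempfile.TemporaryDirectory() as tmp:
        system_db = Path(tmp, "var/lib/pkg/db.json")    # constructed path
        user_db = Path(tmp, "home/alice/.pkgdb.json")   # constructed path
        install("libfoo", "1.0", [], system_db, user_db, privileged=True)
        install("editor", "2.3", ["libfoo"], system_db, user_db, privileged=False)
        install("editor-plugin", "0.1", ["editor"], system_db, user_db, privileged=False)
        try:
            # A system-wide package must not resolve against a user's db.
            install("sysd", "1.0", ["editor"], system_db, user_db, privileged=True)
            system_sees_user_pkg = True
        except LookupError:
            system_sees_user_pkg = False
        return load(system_db), load(user_db), system_sees_user_pkg
```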

