zlacker
[parent]
[thread]
0 comments
1. cjbpri+(OP)
[view]
[source]
2018-07-29 03:24:39
dpkg doesn't stop you overwriting system files in a post-install shell script, as far as I know? Which is the way that a malicious package would choose to do it. I don't think dpkg performs any meaningful security review in the way you describe.
[go to top]