Gregory's Server@crepererum @marcan hum? Both rpm and deb packages can run arbitrary scripts as root on install without extra user intervention. Installing a package is giving root on your system to the package uploader.
|
3 comments
@crepererum @marcan are you verifying this statement, or merely assuming? I was a Debian Developer for 14 years. Just because a deb *can* contain nothing but files, doesn’t in any way prevent a maintainer from doing whatever they like in postinst |
@directhex @marcan yes, but these are extras and not used by the majority of packages. For most packages it's just placing files. And even the scripts that do run are more limited in scope than a shell script that tries to tries to do everything.