12 Jan
2010
12 Jan
'10
2:04 p.m.
On Tue, Jan 12, 2010 at 02:29:35PM +0100, Xyne wrote:
That doesnt work for overridden variables in split packages because they are set inside the packaging function(s).
Yes, right, good point. That answers a question I asked in another message.
Even without that to consider, you cannot blindly trust the variable declaration section of PKGBUILDs uploaded to the AUR.
Yes, exactly, that's why I was thinking of exploits your method might still be vulnerable to unless you take special steps to catch them. -- Jim Pryor profjim@jimpryor.net