[pacman-dev] makepkg security

[Xyne]

> The original complaint was that when using makepkg -sic, the sudo 
> password is cached after dependency installation and malicious sudo 
> commands might be executed during build() as the password is cached.
> 
> My opinion on this is that we should not encourage people to use sudo, 
> Aaron suggested to move it here for further discussion. What do you think?

Couldn't you just add an option to kill sudo after dependency installation?