Ian Bicking: the old part of his blog

Comment

Note that RPM and dpkg both allow for arbitrary code to be run on package installation or removal -- but because a lot of the process is automated by the tool, these scripts can be more limited in scope. This doesn't tend to be a problem, because package authors don't go too crazy -- it's used for things like byte compiling code, doing database upgrades, updating configuration scripts, etc. But if, say, Gator (or whatever they're called now) created a Linux package of their product, they could be nearly as evil as they are on Windows.
Comment on Bundles Schmundles
by Ian Bicking