Even if you build a package from source, you don't gain any security

unless you have completely read and understood the source code of all
the tools involved in building the package.

1 files changed, 10 insertions, 3 deletions

diff --git a/doc/guide/files/using.xml b/doc/guide/files/using.xml
index 221938ab4af..ddc34cf3e0b 100644
--- a/doc/guide/files/using.xml
+++ b/doc/guide/files/using.xml
@@ -1,4 +1,4 @@
-<!-- $NetBSD: using.xml,v 1.14 2005/12/24 10:11:07 kim Exp $ -->
+<!-- $NetBSD: using.xml,v 1.15 2006/01/07 22:10:31 rillig Exp $ -->
 
 <chapter id="using"> <?dbhtml filename="using.html"?>
   <title>Using pkgsrc</title>
@@ -82,12 +82,19 @@
     <sect2 id="a-word-of-warning">
       <title>A word of warning</title>
     
-      <para> Please pay very careful attention to the warnings
+      <para>Please pay very careful attention to the warnings
         expressed in the &man.pkg.add.1; manual page about the
         inherent dangers of installing binary packages which you did
         not create yourself, and the security holes that can be
         introduced onto your system by indiscriminate adding of such
-        files. </para>
+        files.</para>
+
+      <para>The same warning of course applies to every package you
+      install from source when you haven't completely read and
+      understood the source code of the package, the compiler that
+      is used to build the package and all the other tools that are
+      involved.</para>
+
     </sect2>
   </sect1>