You are worrying about the wrong thing, IMHO. If you are installing untrusted packages, those packages contain scripts that run as root (preinstall, postinstal, etc). That's the place to put nasty stuff if you are going to do it. If you can't trust the packages you are installing you are doomed no matter what. - todd