Summary: | revdep-rebuild too strict when checking working directory | ||
---|---|---|---|
Product: | Portage Development | Reporter: | Grzegorz Kulewski <grzegorz> |
Component: | Tools | Assignee: | Portage Tools Team <tools-portage> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | dflogeras2, vasco.figueira |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Grzegorz Kulewski
2009-03-24 19:28:06 UTC
Could you not loopmount the directory instead of using a symlink? (In reply to comment #1) > Could you not loopmount the directory instead of using a symlink? You mean bind-mount? I don't remember why now but for some reason I couldn't or didn't want to. But still that check looks way too much restrictive, no? Why should hammer decide what nails I am allowed to use it with?? The reason the check is restrictive is when you use symlimks your system is vulnerable to a symlink attack. See Bug #203414 Security, The reporter of this bug feels that the symlink checks in revdep-rebuild are too strict. Since the current code originated out of the discussions on bug #203414, can someone on the security team comment on if the current behavior should or should not be changed. Let's resume discussion on bug #203414. Reopening based on Bug 203414, Comment #35 Patch submitted in bug 203414 -- can we close this one and track the discussion over there? *** Bug 427968 has been marked as a duplicate of this bug. *** *** Bug 408357 has been marked as a duplicate of this bug. *** |