Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 477938

Summary: sys-apps/portage: prevent packages from installing files into non-sane paths
Product: Portage Development Reporter: Michał Górny <mgorny>
Component: Core - Ebuild SupportAssignee: Portage team <dev-portage>
Status: CONFIRMED ---    
Severity: normal    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2013-07-23 19:30:46 UTC 
Yesterday we had a pretty bad bug where bash-completion files were installed into /. Similar bugs occur randomly over time and would be much easier to catch and fix if portage checked the sanity of paths used for installed files.

That is, I believe that portage (or the gx86 repo) should have a white-list of locations where packages are allowed to install files and it should bail (with FEATURES=strict) whenever a package installs new files or directories not matching the white-list.