This feature is NOT meant for hiding those scanelf QA warnings; that's what QA_{TEXTRELS,EXECSTACK,WX_LOAD} is for when the package can't be fixed. RESTRICT="binchecks" should _only_ be used for stuff where these checks don't make any sense and just cause needless overhead (pure data stuff, like kernel sources, icon packs, themes, fonts etc.)
last rites # Timothy Redaelli <drizzt@gentoo.org> (09 Dec 2006) # pending removal (#156989) # can't fix rpath, application checks its checksum app-antivirus/vlnx i close the bug when i'll punt the package
Thanks for finding this bug Jakub, this is a security issue and we need to vote on a maskglsa. I tend to vote YES as scanning a file with a specific name may result in arbitrary code execution. Timothy: please dont disable these checks in future without checking with the security team (ideally me or solar)!
I vote YES.
yes++
YES Vote. Solution in the GLSA should suggest removal from the system.
GLSA 200612-15
severity -> enhancement for (maybe?) later resolution
Removed from the tree.