[pacman-dev] [PATCH 0/4] Redo path flexibility patches.
Allan McRae
allan at archlinux.org
Tue Jan 22 23:52:49 EST 2013
On 20/01/13 22:08, Allan McRae wrote:
> There was some concern about potential security implications of calling execvp
> and the ability to get a root shell. Good to see this was mentioned in the six
> months between the patches being sent to the mailing list and when they were
> committed (passive-agressive Allan!)
>
> All those patches are reverted (commits 4a8c2852, 993700bc, bb4d2b72, 60b192e3)
> in the first patch which is not being sent. Then the pactests are refixed only
> allowing full paths to the scriptlet shell and the path to ldconfig is made
> configurable.
>
> Allan McRae (4):
> Revert execvp and related commits
> pactest: handle non-default scriptlet shells
> Remove leading / for pactest paths
> Make path to ldconfig configurable
Any comments on these? I don't like to leave patches that we know are
going to be reverted on master, so I would like to push them soon.
Allan
More information about the pacman-dev
mailing list