Tom "spot" Callaway wrote: > On Thu, 2008-06-12 at 17:53 +0200, Stanislav Brabec wrote: > > openSUSE use chroots inside Xen secured build hosts in Build Service. > > Yes, I didn't mean to imply that you were vulnerable while Fedora is > not. Apologies if it came across like that.
I only wanted to agree, that probably no distribution uses a rpmbuild on insecure machines. It is good to improve rpmbuild security, but we do not need to be paranoid here. The DoS concept "directory already exists, but it is not owned by me => fail" is acceptable for more projects, not only for rpmbuild: gconf, esound, mc, orbit. -- Best Regards / S pozdravem, Stanislav Brabec software developer --------------------------------------------------------------------- SUSE LINUX, s. r. o. e-mail: [EMAIL PROTECTED] Lihovarská 1060/12 tel: +420 284 028 966, +49 911 740538747 190 00 Praha 9 fax: +420 284 028 951 Czech Republic http://www.suse.cz/ _______________________________________________ Rpm-maint mailing list Rpm-maint@lists.rpm.org https://lists.rpm.org/mailman/listinfo/rpm-maint