On Sun, Mar 17, 2013 at 02:14:50PM +0800, Daniel Hartwig wrote:
> On 17 March 2013 06:56, Serafeim Zanikolas <s...@debian.org> wrote:
> > Hi Francesco,
> >
> > On Sat, Mar 16, 2013 at 11:25:36PM +0100, Francesco Poli wrote [edited]:
> >> On Sat, 16 Mar 2013 12:05:09 +0100 David Kalnischkies wrote:
> > [..]
> >> > Using a hook-defined fifoname rather than a random fifoname should be
> >> > okay as the latter isn't more secure than the former (if an attacker has
> >> > root rights to write to it we are doomed anyway …)
> >>
> >> Please excuse my ignorance: isn't a pre-defined fifoname prone to a
> >> symlink attack?
> >
> > It's prone only in a publicly-writable directory, which is not the case for
> > /var/run.
> >
> >> > and in fact creating
> >> > a randomly named fifo could be hard in practice …
> >>
> >> Isn't there anything like mkstemp(3) for named pipes?
> >
> > I'm not aware of any -- but we can get away without one anyway.
> 
> The data can be passed through an open fd, similar to dpkg --status-fd
> argument.  Then there are no issues due to filesystem's global
> namespace and it removes the fs as an unrequired middle-man.

Sure, that'd be an improvement. Would you make apt pass the fd number to
apt-listbugs in the command line?

> >> > I guess the apt-listbugs patch is just for testing, but I say it
> >> > nonetheless:
> >> > It would be good if at least apt-listbugs/wheezy would support both so we
> >> > don't create backport problems that early in the (not even started)
> >> > wheezy release cycle. ;)
> >>
> >> At this point of the wheezy freeze, I cannot introduce any change into
> >> apt-listbugs/wheezy, except for those that fix important or RC bugs.
> 
> Due to this issue and current work-around for #662983, the
> functionality of the package is severely downgraded.  Introducing a new
> interface (named pipe or open fd) is desirable for the reasons David
> says, and has potential for wheezy especially if backed by the apt
> developers.

While I appreciate the backing, I seriously doubt that anyone could make a
convincing case for a deep freeze exception, for a feature that's not even
fully developed yet (and that's not even that relevant for stable).

-- 
Every great idea is worthless without someone to do the work. --Neil Williams

