Hi,
Quoting Samuel Thibault (2016-03-02 11:40:50)
> I tried to upgrade sbuild on a buildd, and some builds failed with:
>
> W: Stripped single quote from command for security: use strict;
> use warnings;
> use Dpkg::Arch;
> if (Dpkg::Arch::debarch_is('hurd-i386', 'any')) {
> exit 0;
> }
> exit 1;
>
> Bareword "hurd" not allowed while "strict subs" in use at -e line 4.
> Bareword "i386" not allowed while "strict subs" in use at -e line 4.
> Bareword "any" not allowed while "strict subs" in use at -e line 4.
> Execution of -e aborted due to compilation errors.
>
> So sbuild stripped the quotes (see get_command_internal function in
> ChrootPlain.pm) that it itself introduced (see check_architectures()
> function in Build.pm)
>
> I had to use the attached patch to fix the issue.thanks for the patch. Replacing the single with double quotes is indeed a good fix here. Though I also wonder why single quotes get stripped in the first place. What is the security problem with them? Neither the surrounding source code nor commit ec49ae9c where this stripping was introduced explains why it is necessary. cheers, josch
signature.asc
Description: signature
