https://bugzilla.redhat.com/show_bug.cgi?id=1329886
--- Comment #5 from Jon Ciesla <[email protected]> --- Looks good, but I missed two rpmlint errors: dnscrypt-proxy.x86_64: E: missing-call-to-setgroups-before-setuid /usr/sbin/dnscrypt-proxy This executable is calling setuid and setgid without setgroups or initgroups. There is a high probability this means it didn't relinquish all groups, and this would be a potential security issue to be fixed. Seek POS36-C on the web for details about the problem. dnscrypt-proxy.x86_64: E: missing-call-to-chdir-with-chroot /usr/sbin/dnscrypt-proxy This executable appears to call chroot without using chdir to change the current directory. This is likely an error and permits an attacker to break out of the chroot by using fchdir. While that's not always a security issue, this has to be checked. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list [email protected] https://lists.fedoraproject.org/admin/lists/[email protected]
