On 20/01/13 22:08, Allan McRae wrote: > There was some concern about potential security implications of calling execvp > and the ability to get a root shell. Good to see this was mentioned in the > six > months between the patches being sent to the mailing list and when they were > committed (passive-agressive Allan!) > > All those patches are reverted (commits 4a8c2852, 993700bc, bb4d2b72, > 60b192e3) > in the first patch which is not being sent. Then the pactests are refixed > only > allowing full paths to the scriptlet shell and the path to ldconfig is made > configurable. > > Allan McRae (4): > Revert execvp and related commits > pactest: handle non-default scriptlet shells > Remove leading / for pactest paths > Make path to ldconfig configurable
Any comments on these? I don't like to leave patches that we know are going to be reverted on master, so I would like to push them soon. Allan
