Luke Kanies schrieb:
> On Oct 14, 2008, at 9:26 AM, Sean E. Millichamp wrote:
>
>> - Puppet.debug "Running chcon #{flag} #{value} #{file}"
>> - retval = system("chcon #{flag} #{value} #{file}")
>> + Puppet.debug "Running chcon -h #{flag} #{value} #{file}"
>> + retval = system("chcon -h #{flag} #{value} #{file}")
>
>
> I know I should have mentioned this ages ago, but in general I prefer
> fully-qualified binaries when possible. I know this is meant to run
> as root anyway, but path attacks are still out there.
>
Shouldn't path-attacks be averted by defining a puppet-local path
instead of hardcoding the path to a binary?
Regards, DavidS
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/puppet-dev?hl=en
-~----------~----~----~----~------~----~------~--~---
