One might well ask: Why sign any "mutable" file?

The (rather inchoate) answer supplied in the original RFE for signing %config 
files is (iiuc) was 1) so that IMA policy can be written against %config files 
and 2) so that %config files in a package will have an ima signature in an 
xattr.

The same reasoning applies to %ghost files which are "owned" (with usual 
perms/uid/gid metadata) by a package. The content of %ghost files is usually 
generated in %buildroot using touch(1), so the appropriate signature for %ghost 
files would be a signature on an empty (but "mutable") file.

The main reason for treating %ghost like empty %config files is to remove 
special cases peculiar to rpm packaging that show up later as RFE's.



-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/374#issuecomment-364620067
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint

Reply via email to