Yes, this approach will never be complete. Something like the proposed feature
is only a building block. For the other stages, there could also be the
requirement to not modify files that have been available already. IMHO, other
attack vectors should be addressed with other tools.
What data would you need to be more willing to accept a PR the implements the
requested idea? While the hashing approach might be more IO heavy, it seems
like a portable solution. Furthermore, this approach does not require extra
permissions for additional jailing.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3010#issuecomment-2065796737
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/issues/3010/2065796...@github.com>
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint