Bug#555979: debian-policy: Symlinks pointing beyond the root of the file system
On Sun, Nov 23, 2014 at 01:44:02PM -0200, Henrique de Moraes Holschuh wrote:
> On Sun, 23 Nov 2014, Jakub Wilk wrote:
> > * Andrey Rahmatullin w...@debian.org, 2014-11-22, 12:39:
> > > --- a/policy.sgml +++ b/policy.sgml @@ -8892,6 +8892,7 @@ fname () { would point to file/srv/run/file rather than the intended target. /footnote + Symbolic links must not traverse above the root directory. /p
> >
> > Seconded.
>
> Seconded. as well.

Hello,

Thanks for the seconds, I have committed this patch to the GIT repository.

Anthony's objection about the must is not specific to this bug, and the must is used in accordance to the usual practice of the policy editors concerning auto-reject lintian errors, thus we cannot address it there.

Cheers,
--
Bill. ballo...@debian.org

Imagine a large red swirl here.
Bug#555979: debian-policy: Symlinks pointing beyond the root of the file system
On Sun, Nov 23, 2014 at 01:58:41AM +, Anthony Towns wrote:
> On Sat, Nov 22, 2014 at 12:39:44PM +0500, Andrey Rahmatullin wrote:
> > On Thu, Nov 12, 2009 at 04:31:52PM -0800, Russ Allbery wrote:
> > > Lintian has a tag:
> > >
> > > Tag: symlink-has-too-many-up-segments
> > > Severity: serious
> >
> > + Symbolic links must not traverse above the root directory.
>
> This isn't listed in https://release.debian.org/jessie/rc_policy.txt
>
> I don't see any reason why it should be RC; so s/must/should/ IMO.

Is it your position that an issue that causes the FTP masters to reject the package at upload time is not necessarily RC?

Cheers,
--
Bill. ballo...@debian.org

Imagine a large red swirl here.
Bug#555979: debian-policy: Symlinks pointing beyond the root of the file system
* Andrey Rahmatullin w...@debian.org, 2014-11-22, 12:39:
> --- a/policy.sgml +++ b/policy.sgml @@ -8892,6 +8892,7 @@ fname () { would point to file/srv/run/file rather than the intended target. /footnote + Symbolic links must not traverse above the root directory. /p

Seconded.

--
Jakub Wilk
Bug#555979: debian-policy: Symlinks pointing beyond the root of the file system
On Sun, 23 Nov 2014, Jakub Wilk wrote:
> * Andrey Rahmatullin w...@debian.org, 2014-11-22, 12:39:
> > --- a/policy.sgml +++ b/policy.sgml @@ -8892,6 +8892,7 @@ fname () { would point to file/srv/run/file rather than the intended target. /footnote + Symbolic links must not traverse above the root directory. /p
>
> Seconded.

Seconded. as well.

--
One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot
Henrique Holschuh
Bug#555979: debian-policy: Symlinks pointing beyond the root of the file system
On Sun, Nov 23, 2014 at 01:25:50PM +0100, Bill Allombert wrote:
> On Sun, Nov 23, 2014 at 01:58:41AM +, Anthony Towns wrote:
> > On Sat, Nov 22, 2014 at 12:39:44PM +0500, Andrey Rahmatullin wrote:
> > > On Thu, Nov 12, 2009 at 04:31:52PM -0800, Russ Allbery wrote:
> > > > Lintian has a tag:
> > > >
> > > > Tag: symlink-has-too-many-up-segments
> > > > Severity: serious
> > >
> > > + Symbolic links must not traverse above the root directory.
> >
> > This isn't listed in https://release.debian.org/jessie/rc_policy.txt
> >
> > I don't see any reason why it should be RC; so s/must/should/ IMO.
>
> Is it your position that an issue that causes the FTP masters to reject the package at upload time is not necessarily RC?

Yes; or more particularly, that FTP masters should reject packages with any bug that's easy to fix and easy to detect with no (or very minimal) false positives, whether it's RC or not.

Cheers,
aj
Bug#555979: debian-policy: Symlinks pointing beyond the root of the file system
On Sat, Nov 22, 2014 at 12:39:44PM +0500, Andrey Rahmatullin wrote:
> Control: tags -1 + patch
>
> On Thu, Nov 12, 2009 at 04:31:52PM -0800, Russ Allbery wrote:
> > Lintian has a tag:
> >
> > Tag: symlink-has-too-many-up-segments
> > Severity: serious
> > Certainty: certain
> > Ref: policy 10.5
> > Info: The symlink references a directory beyond the root directory /.
> >
> > for symlinks that contain so many ../ segments that they traverse above the root of the file system. This tag is currently used by ftpmaster to reject uploads, but this behavior is not explicitly prohibited by Policy (although it violates both shoulds in 10.5).
>
> Here is a patch:
>
> diff --git a/policy.sgml b/policy.sgml index 6eac491..a582f60 100644 --- a/policy.sgml +++ b/policy.sgml @@ -8892,6 +8892,7 @@ fname () { would point to file/srv/run/file rather than the intended target. /footnote + Symbolic links must not traverse above the root directory. /p p

Seconded.

(If I may give you a tip, when sending policy patch, consider using more context lines (e.g. diff -u6)), this makes the location of the change more obvious.

Cheers,
--
Bill. ballo...@debian.org

Imagine a large red swirl here.
Bug#555979: debian-policy: Symlinks pointing beyond the root of the file system
Control: tags -1 + patch

On Thu, Nov 12, 2009 at 04:31:52PM -0800, Russ Allbery wrote:
> Lintian has a tag:
>
> Tag: symlink-has-too-many-up-segments
> Severity: serious
> Certainty: certain
> Ref: policy 10.5
> Info: The symlink references a directory beyond the root directory /.
>
> for symlinks that contain so many ../ segments that they traverse above the root of the file system. This tag is currently used by ftpmaster to reject uploads, but this behavior is not explicitly prohibited by Policy (although it violates both shoulds in 10.5).

Here is a patch:

diff --git a/policy.sgml b/policy.sgml index 6eac491..a582f60 100644 --- a/policy.sgml +++ b/policy.sgml @@ -8892,6 +8892,7 @@ fname () { would point to file/srv/run/file rather than the intended target. /footnote + Symbolic links must not traverse above the root directory. /p p

--
WBR, wRAR
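Review bot: the added sentence on the `+` line ("Symbolic links must not traverse above the root directory.") does not say how "traverse above" is determined, so Policy alone would not tell a maintainer that it means what the quoted Lintian tag symlink-has-too-many-up-segments describes: a link with so many `../` segments that it climbs past `/`. Consider wording it in those terms, for example "A symbolic link must not contain so many `..` segments that it resolves above the root directory." The hunk also shows only the end of the footnote as context around @@ -8892,6 +8892,7 @@, so the paragraph the sentence joins cannot be confirmed from the diff itself; regenerating it with more context lines would make the placement reviewable.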
Bug#555979: debian-policy: Symlinks pointing beyond the root of the file system
Package: debian-policy
Version: 3.8.3.0
Severity: wishlist

Lintian has a tag:

Tag: symlink-has-too-many-up-segments
Severity: serious
Certainty: certain
Ref: policy 10.5
Info: The symlink references a directory beyond the root directory /.

for symlinks that contain so many ../ segments that they traverse above the root of the file system. This tag is currently used by ftpmaster to reject uploads, but this behavior is not explicitly prohibited by Policy (although it violates both shoulds in 10.5).

-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.30-2-686-bigmem (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

debian-policy depends on no packages.

debian-policy recommends no packages.

Versions of packages debian-policy suggests:
ii doc-base 0.9.5 utilities to manage online documen

-- no debconf information
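The condition the Lintian tag in this report describes (a symlink with so many ../ segments that it climbs above /) can be checked over an unpacked package tree as follows. This is an added example, not Lintian's code or part of the original thread: the function names, the package name `foo` and the sample tree are constructed for illustration, resolution is purely lexical, and flagging an absolute target that begins with `/..` is a choice made by this example.

```python
import os
import tempfile

def escapes_root(link_path, target):
    """True if resolving `target` lexically from the directory holding
    `link_path` (a path relative to the package root) pops above the root."""
    if target.startswith("/"):
        stack = []  # absolute target: resolution starts at the root
    else:
        stack = [p for p in link_path.split("/") if p][:-1]
    for seg in target.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if not stack:
                return True  # one more ".." than there are directories left
            stack.pop()
        else:
            stack.append(seg)
    return False

def scan_tree(staging_root):
    """List (link, target) pairs under an unpacked package tree that escape it."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(staging_root):
        # Symlinks to directories show up in dirnames, all others in filenames.
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                rel = os.path.relpath(full, staging_root)
                target = os.readlink(full)
                if escapes_root(rel, target):
                    findings.append((rel, target))
    return sorted(findings)

def build_sample_tree():
    """Constructed sample tree; the package name 'foo' is hypothetical."""
    root = tempfile.mkdtemp(prefix="pkgtree-")
    doc = os.path.join(root, "usr/share/doc/foo")
    os.makedirs(doc)
    os.makedirs(os.path.join(root, "usr/lib/foo"))
    os.symlink("../../../lib/foo", os.path.join(doc, "ok"))              # stays inside
    os.symlink("../../../..", os.path.join(doc, "at-root"))              # reaches / exactly
    os.symlink("../../../../../etc/foo.conf", os.path.join(doc, "bad"))  # one ".." too many
    return root

if __name__ == "__main__":
    for link, target in scan_tree(build_sample_tree()):
        print(f"symlink-has-too-many-up-segments: {link} -> {target}")
```

The `at-root` link shows the boundary case: four `..` segments from a four-level directory land exactly on `/` and are not flagged, while a fifth is.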