> On 3 Jan 2023, at 11:47, Ulrich Mueller wrote:
>
>> On Tue, 03 Jan 2023, Sam James wrote:
>
>> - if [[ "$(file "${exe}")" == *"shell script text"* ]]
>> + if [[ "$(file -S "${exe}")" == *"shell script text"* ]]
>
> POSIX file doesn't know the -S option. Could that cause any problems,
>
> On Tue, 03 Jan 2023, Sam James wrote:
> - if [[ "$(file "${exe}")" == *"shell script
> text"* ]]
> + if [[ "$(file -S "${exe}")" == *"shell script
> text"* ]]
POSIX file doesn't know the -S option. Could that cause any problems,
Files being installed by Portage are generally trusted but also the
syscalls allowed by file are quite broad anyway.
With e.g. new libc or sandbox version (or any number of things...), the
syscalls used by file can change which leads to its seccomp filter killing
the process. This is an