[prev in list] [next in list] [prev in thread] [next in thread] 

List:       webmin-devel
Subject:    Re: Possibly unsecure specfile code...
From:       Joe Cooper <joe () swelltech ! com>
Date:       2002-08-29 1:00:39
[Download RAW message or body]

Jamie Cameron wrote:

> The only reason it doesn't compare ownership against root is that the 
> same code is used in
> setup.sh to setup the temp directory, and it is possible that someone 
> might want to install
> webmin as a non-root user. Since RPMs are always installed as root, $< 
> will always be 0.

Just to be pedantic...Technically a non-root user can use RPM, assuming 
he has his own rpmdb, and uses relocatable packages.  But the Webmin RPM 
would never work in such a case, so no worries.  ;-)
-- 
Joe Cooper <joe@swelltech.com>
Web caching appliances and support.
http://www.swelltech.com



-------------------------------------------------------
This sf.net email is sponsored by: Jabber - The world's fastest growing 
real-time communications platform! Don't just IM. Build it in! 
http://www.jabber.com/osdn/xim
-
Forwarded by the Webmin development list at webmin-devel@webmin.com
To remove yourself from this list, go to
http://lists.sourceforge.net/lists/listinfo/webadmin-devel
[prev in list] [next in list] [prev in thread] [next in thread]