[prev in list] [next in list] [prev in thread] [next in thread]
List: webmin-devel
Subject: Re: Possibly unsecure specfile code...
From: Joe Cooper <joe () swelltech ! com>
Date: 2002-08-29 1:00:39
[Download RAW message or body]
Jamie Cameron wrote:
> The only reason it doesn't compare ownership against root is that the
> same code is used in
> setup.sh to setup the temp directory, and it is possible that someone
> might want to install
> webmin as a non-root user. Since RPMs are always installed as root, $<
> will always be 0.
Just to be pedantic...Technically a non-root user can use RPM, assuming
he has his own rpmdb, and uses relocatable packages. But the Webmin RPM
would never work in such a case, so no worries. ;-)
--
Joe Cooper <joe@swelltech.com>
Web caching appliances and support.
http://www.swelltech.com
-------------------------------------------------------
This sf.net email is sponsored by: Jabber - The world's fastest growing
real-time communications platform! Don't just IM. Build it in!
http://www.jabber.com/osdn/xim
-
Forwarded by the Webmin development list at webmin-devel@webmin.com
To remove yourself from this list, go to
http://lists.sourceforge.net/lists/listinfo/webadmin-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic