[Rpm-maint] ACL and File Capability Support in RPM

Panu Matilainen pmatilai at laiskiainen.org
Thu Oct 30 17:18:49 UTC 2008

On Thu, 30 Oct 2008, Andrew G. Morgan wrote:
> Hash: SHA1
> Panu,
> The following change looks a little problematic:
> http://rpm.org/gitweb?p=rpm.git;a=blobdiff;f=lib/verify.c;h=69fcd162a02fbb43ade1b6635e2f651ff43a9e8e;hp=4658ce99367b6820772554ca90887bf2a3ab026e;hb=db1f9af5e2a4443e64ce10112a9553204bab7f4e;hpb=97ab15cc9eadc1aab563b87a0c92d559cd9e9a41
> Specifically, cap_size() refers only to the cap_copy_ext() size of the
> capability set and not the sizeof(*cap_t), so the memory comparison:
>   memcmp(cap, fcap, cap_size(cap)
> is not reliably comparing the capability sets - at best this comparison
> is fragile.

Oops... thanks for pointing this out.

So assuming I can't rely on cap_compare() always being there (it being 
Linux-specific extension and even then only in very recent libcap), would 
the following be a reasonable fallback: If cap_size() of both sets are 
equal, grab external presentation of both and memcmp() them?

 	- Panu -

More information about the Rpm-maint mailing list