[Rpm-maint] [rpm-software-management/rpm] Adding an LMDB backend to RPM (#281)
Jeff Johnson
notifications at github.com
Tue Jul 17 05:54:04 UTC 2018
I was referring to a security audit of a setuid helper program, not auditing whether lock.mdb is 0666.
The helper should be exec'd while opening, after checking whether an existing file already has 0666 permissions.
There is also the corner case(s) of a non-existent lock.mdb file, or an ill-formed lock.mdb file, which would need to be handled: one approach would be to save a copy of the initial lock.mdb if 8Kb of zero isn't enough.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/281#issuecomment-405467827
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20180716/e56e57d1/attachment-0001.html>
More information about the Rpm-maint
mailing list