[Rpm-maint] [rpm-software-management/rpm] RFE: Fork Lua scriptlets too (Issue #2635)

Panu Matilainen notifications at github.com
Tue Aug 29 14:13:40 UTC 2023


I could've sworn there is a ticket on this already but can't find it :eyes: 

Currently rpm runs scriptlets in two drastically different ways: the "normal" scriptlets go through fork() + exec() whereas Lua scriptlets run inline in the main rpm process. Not having to exec() is a feature, because it allows Lua to run in the void of an empty chroot, but not forking is a problem as it allows arbitrary scriptlets to mess with rpm configuration and whatnot. Besides being a security hazard as it is, the "small" difference and the imbalance it creates effectively prevents other enhancements in this area.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/2635
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/issues/2635 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20230829/55e3b18a/attachment-0001.html>


More information about the Rpm-maint mailing list