Hello, Am Donnerstag, 5. November 2015 schrieb Carlos E. R.:
On 2015-11-05 14:09, Johannes Meixner wrote:
On Nov 5 13:14 Carlos E. R. wrote (excerpt):
Different approach idea: install the rpm and somehow list or catch any written or changed file outside of those listed by "rpm -ql ..."
I assume you mean to basically compare what "rpm -ql" shows for an installed package before updating it with what it shows after it was updated.
Well, no... rpm -ql should display the same before and after. Doesn't it? :-? The issue here, I believe, is what is done by scripts in the rpm, what is not declared in advance.
It's not declared by rpm -qpl - but you can easily use rpm -qp --scripts untrusted-package.rpm IMHO that is the more important check compared to rpm -qpl because things done by the scripts are typically harder to detect afterwards (rpm -qf $file and rpm -V $package are useless if a script creates or modifies a file, while both are helpful for files "officially" shipped in a package).
On the other hand what should the user do when he gets informed that "update of <package> replaced /usr/bin/ls"?
Huh. Freak out? :-))
And that repairs your system? Does it also work for hacked Joomla or Wordpress sites? If yes, can you teach me how to correctly freak out, please? ;-)
Of course, even better would be to halt mid-install on every outside change, and ask whether to allow or not. But that would extensive new coding, I guess.
The problem is that it will end up in *lots of* questions [1] - and that means that the user will just put a stone on the enter key and miss the one malicious thing in the middle of 100 other events. Regards, Christian Boltz [1] lots of packages have scripts in %post etc. - being it ldconfig calls (done in all lib* packages), updating the bootloader, changing an alternatives symlink, updating font or icon cache, ... --
Heute habe ich die CPU gepflegt und wollte danach den PC starten / booten. Es gab kein Bild. Was heißt das denn genau? Maniküre, Pediküre, UV-Bad, Cremen, ... ;) [> Frank und T. Ermlich in opensuse-de]
-- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org