Mailinglist Archive: opensuse-buildservice (175 mails)

< Previous Next >
Re: [opensuse-buildservice] rpmlintrc addfilter stopped working in Factory only
On 10/11/2011 1:01 PM, Brian K. White wrote:
Similar to

I have:
incron.x86_64: E: permissions-file-setuid-bit (Badness: 10000)
/usr/bin/incrontab is packaged with setuid/setgid bits (04755)
If the package is intended for inclusion in any SUSE product please open
a bug
report to request review of the program by the security team

Even though I have:
addFilter("permissions-file-setuid-bit .*/usr/bin/incrontab")
and that's been working in every version from 10.0 to 11.4

The suggestion about setbadness, doesn't that mean to ignore the error
on any file that might trigger it? How is ignoring an error everywhere
better than selectively ignoring it for a single specific known file?
You can't make that suggestion and still say you are worried about
peoples safety and trying to make things the most correct they can be.

The package is incron:

I used setBadness 900 and the package built, and at 900, at least I know only one suid file can pass, although I no longer can specify which file should be allowed.

To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-buildservice+owner@xxxxxxxxxxxx

< Previous Next >