15 Feb
2007
15 Feb
'07
13:01
Hi, On Wed, 14 Feb 2007 at 22:46, andreas.hanke@gmx-topmail.de wrote:
rm -rf $RPM_BUILD_ROOT/*
I think this is vulnreable to a symlink attack. If somebody has created $RPM_BUILD_ROOT as a symlink that points to your home dir, then rm -rf $RPM_BUILD_ROOT will be save, as it either removes the symlink or fails if you don't have permission to remove it, but rm -rf $RPM_BUILD_ROOT/* will "clean up" your home dir. cu Reinhard --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-packaging+help@opensuse.org