http://bugzilla.suse.com/show_bug.cgi?id=481011
http://bugzilla.suse.com/show_bug.cgi?id=481011#c5
Josef Reidinger changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jreidinger@suse.com
--- Comment #5 from Josef Reidinger ---
fix is in https://github.com/yast/yast-yast2/pull/507
in the end I do not use pkg-bindings solution because
"
If the directory already exists, simply reuse it. It may contain data from a
previous call for the same repository, but this should not matter, shouldn't
it?"
it really matter as it can be used to root exploit. It is just enough to create
there symlink pointing to some directory and write to important directory.
--
You are receiving this mail because:
You are on the CC list for the bug.