Marcus Meissner wrote:
You likely blame openSUSE quality for something you changed on your system actually...
--- Even if it was something I changed on my system, "defensive programming" -- checking your assumptions at runtime, and not relying on ENV vars unless it is documented to be dependent on them, (not something that used to be a problem). In perl, those are call 'tainted' variables -- until they are checked, you don't know the state they are in, and perl will flag root-level progs when doing full security checking. Apparently yast doesn't check and set it's runtime values to something it considers safe and requires. If it notices that it's tmp vars are not pointing to root's dirs, it should reset them. At least that is what I was taught was basic security programming -- don't rely on the environment. Even in my .bashrc, I check that whatever is running it is running as my UID, before it tries to start dbus. If it is running as some other UID, I don't want it starting instances of DBUS in my DBUS working dir. And that's just precautions I take in my .bashrc -- I'd do alot more in a program running with root privs that I wanted to ship to customers (maybe more than necessary, but I tend to go overboard at times). Au Revoir, Linda -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org