Mailinglist Archive: opensuse-packaging (129 mails)

< Previous Next >
Re: [opensuse-packaging] new dbus policy rpmlint check in Factory
  • From: Vincent Untz <vuntz@xxxxxxxxxxxx>
  • Date: Mon, 26 Jan 2009 12:06:20 +0100
  • Message-id: <20090126110620.GB2992@xxxxxxxxx>
Le lundi 26 janvier 2009, à 11:49 +0100, Ludwig Nussel a écrit :
Hi,

The dbus package used a too permissive configuration in the past
which led to security problems (CVE-2008-4311). During investigation
of that problem it was found that many packages install dbus
configuration files that contain useless settings, settings that
harm other services or settings that even break after the dbus
security update.

Therefore I've written an rpmlint check that warns about such flaws.
The check 'dbus-policy-missing-allow' will abort the build though.
If you encounter that error you need to fix your dbus policy as the
package will break (ie the service it offers via dbus won't work)
after a dbus with the restrictive config gets checked in.

For which versions of openSUSE will this be enabled? (ie, should we
backport the fixes we do to 11.1 & earlier?)

Vincent

--
Les gens heureux ne sont pas pressés.
--
To unsubscribe, e-mail: opensuse-packaging+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-packaging+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups
References