Mailinglist Archive: opensuse-packaging (23 mails)

< Previous Next >
Re: [opensuse-packaging] "quilt setup" considered harmful

El 27-09-2018 a las 13:09, Matthias Gerstner escribió:
Hello packagers,

the SUSE security team wants to draw your attention to a potential security
threat involving the use of `quilt setup ...` on untrusted RPM spec files.

You can do all of this with systemd-run, no need to install anything new
something like:

systemd-run -q --wait --pty -p PrivateDevices=yes -p ProtectSystem=full -p
BindPaths=... -p |ProtectHome=tmpfs| -p ...  .. see the systemd.exec and
systemd-run man pages for more details.

systemd-run -q --wait --pty -p PrivateDevices=yes ls /dev
To unsubscribe, e-mail: opensuse-packaging+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-packaging+owner@xxxxxxxxxxxx

< Previous Next >
List Navigation