Mailinglist Archive: yast-devel (73 mails)

< Previous Next >
Re: [yast-devel] Moving stuff from /sbin /bin /lib /lib64 to /usr/*
On Mon, 7 Jul 2014 14:52:07 +0200
Arvin Schnell <aschnell@xxxxxxx> wrote:

On Mon, Jul 07, 2014 at 02:23:36PM +0200, Josef Reidinger wrote:
On Mon, 7 Jul 2014 14:17:40 +0200
Arvin Schnell <aschnell@xxxxxxx> wrote:

On Mon, Jul 07, 2014 at 02:11:48PM +0200, Lukas Ocilka wrote:
On 7.7.2014 14:07, Josef Reidinger wrote:

I have general question and I think answer to it should be
somewhere written as documented decision.

Why we use absolute path to binary? I think proper set PATH in
environment should be goal and use common path. Also from
security point of view it is quite useless because if PATH is
attacked, then also any real root action is attacked.

Sure, I myself also prefer the shorter way, but I think it was
because of security. Let's ask our security expert if this is
really the case, or whether it has changed meanwhile.

Bug https://bugzilla.novell.com/show_bug.cgi?id=794084 mentions
some reasons.

Regards,
Arvin


I see some reasons, but I worry that we need to proper fix PATH

But how, esp. if we want to make parts of YaST available as
libraries (modules/gems)?

From my point of a library should work with any PATH variable.

Regards,
Arvin


On other hand absolute path can make troubles to use library/gem on
non-suse systems or even on older suse systems, which is wrong from my
POV. I think it is reasonable requirement for library or gem, that it
need working path to its work.

So I think resolution can be use PATH for common binaries and for
specific binaries use absolute path.

Josef
--
To unsubscribe, e-mail: yast-devel+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: yast-devel+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups