[Debian GNUstep maintainers] Bug#741441: gnustep-base-runtime: gdomap does chroot("/tmp")

Yavor Doganov yavor at gnu.org
Thu Jul 24 20:55:56 UTC 2014


On Wed, Mar 12, 2014 at 03:02:38PM +0100, Ansgar Burchardt wrote:
> Package: gnustep-base-runtime
> Tags: security
> 
> gdomap chroots to /tmp "as another level of paranoia". However if
> you are paranoid, you really want to chroot to an empty,
> non-writable directory, not to a world-writable one containing
> random files.

Thanks for the report.  Do you have a suggestion how to handle this
issue?  Upstream writes:

,----
| I don't mind making things even more paranoid, but I don't know of an
| empty, non-writable directory that the program can reliably move to,
| and creating a directory which could then not be cleaned up on program
| termination (because the program is chrooted inside it) does not seem
| an acceptable option.  Is there a standard portable way to do this (a
| quick internet search didn't reveal anything to me)?
`----
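One way to meet the "empty, non-writable directory" requirement from the report, as an added example that is not gnustep-base code and not from anyone in this thread: it assumes the jail directory is created by the package at install time (so the daemon never has to create or clean it up), and the names open_jail_dir and enter_jail are hypothetical. The directory is validated through a file descriptor so that the directory checked is the one entered.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* for chroot() and setgroups() on glibc */
#endif
#include <dirent.h>
#include <fcntl.h>
#include <grp.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

enum { JAIL_EOPEN = -1, JAIL_EOWNER = -2, JAIL_EWRITABLE = -3, JAIL_ENOTEMPTY = -4 };

/* Added example; helper names are hypothetical. Open `path` and return a
 * descriptor only if it is a real directory (not a symlink), owned by
 * `owner` (0 in production), not writable by group or others, and empty.
 * All checks run on the descriptor, not on the path. */
int open_jail_dir(const char *path, uid_t owner)
{
    struct stat st;
    struct dirent *e;
    DIR *d;
    int rc, dfd, fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);

    if (fd < 0 || fstat(fd, &st) != 0) rc = JAIL_EOPEN;
    else if (st.st_uid != owner) rc = JAIL_EOWNER;
    else if (st.st_mode & (S_IWGRP | S_IWOTH)) rc = JAIL_EWRITABLE;
    else if ((dfd = dup(fd)) < 0) rc = JAIL_EOPEN;
    else if ((d = fdopendir(dfd)) == NULL) { close(dfd); rc = JAIL_EOPEN; }
    else {
        rc = fd;
        while ((e = readdir(d)) != NULL)
            if (strcmp(e->d_name, ".") && strcmp(e->d_name, ".."))
                rc = JAIL_ENOTEMPTY;
        closedir(d);
    }
    if (rc < 0 && fd >= 0) close(fd);
    return rc;
}

/* Enter the jail through the checked descriptor, then give up root for good.
 * Must be called as root; returns 0 on success, -1 on any failure. */
int enter_jail(int fd, uid_t uid, gid_t gid)
{
    if (fchdir(fd) != 0 || chroot(".") != 0 || chdir("/") != 0) return -1;
    close(fd);
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0) return -1;
    return setuid(0) == 0 ? -1 : 0;   /* regaining root must fail */
}
```

A daemon would call open_jail_dir(path, 0) at startup and refuse to run on any negative result, then call enter_jail() with its unprivileged uid and gid once its sockets are bound.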


