On 4/1/20 4:27 AM, Lukas Czerner wrote:
I've noticed some failures in automated tests in bodhi, specifically
this one:
{
"arch" : "x86_64",
"code" : "SuspiciousPath",
"context" : {
"excerpt" : [
"PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin"
],
"path" : "/usr/sbin/e2scrub"
},
"diag" : "Potentially insecure PATH element <tt>/local</tt>",
"subpackage" : "e2scrub"
},
I am not sure why it's considered insecure while on all of the Fedora
and RHEL systems I have available "/usr/local/sbin:/usr/local/bin" is a
default part of the PATH.
You don't want a system script to be looking for executables in
/usr/local before the regular bin directories. And it's probably better
that it doesn't look in /usr/local at all.
It's fine for the admin to put extra things in /usr/local, but those
paths don't override the system ones.
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
