On Fri, 2006-05-19 at 00:23 +0000, Kevin Kofler wrote: > Nicolas Mailhot <nicolas.mailhot@...> writes: > > %defattr(0644,root,root,0755) would be less transparent but would force > > packagers to actually check the perms they need > > No, IMHO it would just lead them to systematically put > %defattr(0755,root,root,0755) (or worse, 0777, you never know...) everywhere in > specfiles, which means: It also means that RPMs will have incorrect ownership when built on systems that do not define the defattr outside of the spec file. It is better to have it it their. Not defining buildroot is one thing -it won't cause an incorrectly packaged rpm to be built on older systems, it will cause a build failure until the user defines a buildroot. But not having a %defattr means that on systems that don't define it, the package will build but have improper permissions - which is a severe security risk. It does not hurt to have %defattr there, and having it there prevents improper permissions. Well, prevents improper permissions that would be correct if it is defined there. -- fedora-extras-list mailing list fedora-extras-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-extras-list
