https://bugzilla.redhat.com/show_bug.cgi?id=969209 Christopher Meng <cickumqt@xxxxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |cickumqt@xxxxxxxxx --- Comment #9 from Christopher Meng <cickumqt@xxxxxxxxx> --- I think Orion knows that error of missing-call-to-setgroups. missing-call-to-setgroups has been renamed to missing-call-to-setgroups-before-setuid. This will be available in the next version. And the explanation is: This executable is calling setuid and setgid without setgroups or initgroups. There is a high probability this mean it didn't relinquish all groups, and this would be a potential security issue to be fixed. Seek POS36-C on the web for details about the problem. Ref POS36-C: https://www.securecoding.cert.org/confluence/display/seccode/POS36-C.+Observe+correct+revocation+order+while+relinquishing+privileges -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=XTvW005SFR&a=cc_unsubscribe _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review