[Bug 1421041] Review Request: deepin-gettext-tools - Deepin Gettext Tools

https://bugzilla.redhat.com/show_bug.cgi?id=1421041



--- Comment #5 from sensor.wen@xxxxxxxxx ---
I think the full path is important. The $PATH environment variable is easy to
change. It's not safe. For example:

$ vi test.spec
....
%post
python3 -c 'print("Hello")'
...

$ vi /usr/local/bin/python3
#!/bin/bash
echo "bad things."
/bin/python3 "$@"

# rpm -ivh -D"_install_script_path /usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin" test-0.1-1.fc25.x86_64.rpm
 1:test-0.1-1.fc25                  ################################# [100%]
bad things.
Hello

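A review-time check for the issue raised in comment #5, as an added example that is not part of the original message or of rpm: it scans the scriptlets of a spec file and reports every command that is not given by full path and would therefore be resolved through $PATH. The function name, the sample spec and the keyword and builtin lists are assumptions made for this sketch, and the tokenizer is a heuristic rather than a full shell parser.

```python
import re
import shlex

# Scriptlets rpm runs as root with _install_script_path as $PATH.
SCRIPTLET = re.compile(r"^%(pre|post|preun|postun|pretrans|posttrans|"
                       r"triggerin|triggerun|triggerpostun|verifyscript)\b")
OTHER = re.compile(r"^%(description|package|prep|build|install|check|files|changelog)\b")
SEPARATORS = {";", "&&", "||", "|", "&", "("}
# Shell keywords: the word after them is still a command word.
KEYWORDS = {"if", "then", "else", "elif", "do", "while", "until", "!", "fi", "done"}
# Builtins never go through PATH lookup.
BUILTINS = {":", "[", "test", "echo", "exit", "cd", "export", "set", "true", "false"}
# Constructed sample; its first %post line is the one from the comment above.
SAMPLE_SPEC = """\
%post
python3 -c 'print("Hello")'
/usr/bin/python3 -c 'print("ok")'
%postun
if [ $1 -eq 0 ]; then systemctl daemon-reload || :; fi
%files
"""

def bare_commands(spec_text):
    """Return (line_no, scriptlet, command) for each command found via PATH."""
    findings, section = [], None
    for no, line in enumerate(spec_text.splitlines(), 1):
        m = SCRIPTLET.match(line)
        if m or OTHER.match(line):
            # "-p <interp>" scriptlet bodies are not shell, so skip them.
            section = m.group(1) if m and " -p " not in line + " " else None
            continue
        if section is None or line.lstrip().startswith("#"):
            continue
        lex = shlex.shlex(line, posix=True, punctuation_chars=True)
        lex.whitespace_split = True
        try:
            tokens = list(lex)
        except ValueError:  # quoted string continues on the next line
            continue
        expect_cmd = True
        for tok in tokens:
            if tok in SEPARATORS:
                expect_cmd = True
            elif expect_cmd and tok not in KEYWORDS and not re.match(r"\w+=", tok):
                expect_cmd = False
                # Assumption: words starting with % or $ expand to full paths.
                if tok and tok[0] not in "/%$" and tok not in BUILTINS:
                    findings.append((no, section, tok))
    return findings
```

Calling `bare_commands(SAMPLE_SPEC)` flags the `python3` call in `%post` and the `systemctl` call in `%postun`, while the `/usr/bin/python3` line passes.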



