Packaging Guidelines: Why so lax for BuildRoot?
Rex Dieter
rdieter at math.unl.edu
Sun Mar 23 19:25:55 UTC 2008
Tom Lane wrote:
> Kevin Kofler <kevin.kofler at chello.at> writes:
>> From a security standpoint, all those variants are flawed though (even
>> the mktemp is subject to a race condition), there is a proposal by
>> Lubomir Kundrak to fix the mess:
>> http://fedoraproject.org/wiki/PackagingDrafts/SecureBuildRoot
>> but so far it's just a proposal.
>
> It's 100% nuts that the BuildRoot tag even exists. This is something
> that could and should be handled by intelligence inside rpmbuild
Of course, but until rpmbuild is fixed, you gotta make do with what you've
got.
-- Rex
More information about the fedora-devel-list
mailing list