[Fedora-packaging] Re: Absolute symlinks

Toshio Kuratomi a.badger at gmail.com
Tue Aug 22 16:56:28 UTC 2006


On Tue, 2006-08-22 at 17:10 +0200, Axel Thimm wrote:
> On Tue, Aug 22, 2006 at 08:04:16AM -0700, Toshio Kuratomi wrote:
> > Here's rpmlint's reasoning: 
> >   'Absolute symlinks are problematic eg. when working with chroot
> > environments.'
> 
> In that sense every symlink is dangerous including relative ones: if
> it contains too many ".." you'll end up outside the chroot anyway if
> accessed from outside. 

That supposes that the symlink is referencing something above where the
root directory should be.  If it happens when the path is the same as
where the package is meant to install, then I'd consider it a bug in
packaging (ie: if you packaged a symlink, /usr/bin/ifconfig, it
shouldn't point to ../../../../../sbin/ifconfig; it should point
to ../../sbin/ifconfig).

If it happens with the path changed, (You install the previous package
with --relocate /usr/bin=/bin) I'm inclined to say that's unsupported
behaviour anyway.

> If accessed from inside the chroot, absolute
> paths are even securer when being root.
> 
More secure?

> Chroots (with external access, e.g. not within) aren't used by package
> consumers, but package builders and testers.

This is incorrect.  We often use chroots for building and testing
packages here in Fedora but chroots are a much more general purpose
tool.

I think relative symlinks and chroots are most important with
configuration files where an administrator will try to edit the file
from outside the chroot.  There can be a world of difference between
$CHROOT/root/resolv.conf => ../etc/resolv.conf and
$CHROOT/root/resolv.conf => /etc/resolv.conf

-Toshio
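The resolv.conf contrast at the end of the message above, as an added example that is not part of the original email: it builds a throwaway tree and reports where each link lands for an administrator outside the chroot and for a process inside it. The link names `rel.conf` and `abs.conf`, the helper names, and the in-Python emulation of chroot path resolution (so it runs without root) are assumptions made for illustration.

```python
import os
import tempfile

def split(path):
    return [p for p in path.split("/") if p and p != "."]

def resolve_in_chroot(chroot, path, max_links=40):
    """Resolve `path` as a process chrooted into `chroot` would see it."""
    todo, done, links = split(path), [], 0
    while todo:
        part = todo.pop(0)
        if part == "..":
            if done:              # '..' at the chroot root stays at the root
                done.pop()
            continue
        host = os.path.join(chroot, *done, part)
        if os.path.islink(host):
            links += 1
            if links > max_links:
                raise OSError("too many levels of symbolic links")
            target = os.readlink(host)
            if target.startswith("/"):
                done = []         # absolute target restarts at the chroot root
            todo = split(target) + todo
        else:
            done.append(part)
    return "/" + "/".join(done)

def resolve_from_outside(link):
    # One link hop as seen by an admin on the host, outside the chroot.
    return os.path.normpath(os.path.join(os.path.dirname(link), os.readlink(link)))

def demo():
    """Constructed tree: a relative and an absolute link to etc/resolv.conf."""
    with tempfile.TemporaryDirectory() as base:
        chroot = os.path.join(os.path.realpath(base), "chroot")
        os.makedirs(os.path.join(chroot, "etc"))
        os.makedirs(os.path.join(chroot, "root"))
        open(os.path.join(chroot, "etc", "resolv.conf"), "w").close()
        # Constructed names; the message uses root/resolv.conf for both cases.
        targets = {"rel.conf": "../etc/resolv.conf", "abs.conf": "/etc/resolv.conf"}
        result = {}
        for name, target in targets.items():
            link = os.path.join(chroot, "root", name)
            os.symlink(target, link)
            outside = resolve_from_outside(link)
            inside = resolve_in_chroot(chroot, "/root/" + name)
            result[name] = (outside, inside, outside.startswith(chroot + "/"))
        return chroot, result
```

`demo()` returns, per link, the path reached from outside, the path reached from inside, and whether the outside view stays under the chroot: both links agree inside the chroot, but from outside only the relative one still points at the chroot's own file.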