Bug#845715: Required targets must not write outside of the source package tree

To: 845715@bugs.debian.org
Subject: Bug#845715: Required targets must not write outside of the source package tree
From: Sean Whitton <spwhitton@spwhitton.name>
Date: Sat, 03 Nov 2018 12:38:55 -0700
Message-id: <[🔎] 87k1luuf1s.fsf@iris.silentflame.com>
Reply-to: Sean Whitton <spwhitton@spwhitton.name>, 845715@bugs.debian.org
References: <148013126214.5727.2833489398483306064.reportbug@localhost>

control: tag -1 +patch

Hello,

I reformatted and wordsmithed josch's patch, second it myself, and am
seeking further seconds.

Given that whole archive rebuilds with use sbuild and already catch
packages that violate this requirement, making this change would not
declare any packages buggy that would not already be considered buggy,
so we can make it right away.

diff --git a/debian/changelog b/debian/changelog
index 956f367..b90ea92 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -10,6 +10,11 @@ debian-policy (4.2.2.0) UNRELEASED; urgency=medium
     Seconded: Holger Levsen <holger@layer-acht.org>
     Seconded: Russ Allbery <rra@debian.org>
     Closes: #912581
+  * Policy: Required targets must not write outside of the source package tree
+    Wording: Johannes Schauer <josch@debian.org>
+    Seconded: Sean Whitton <spwhitton@spwhitton.name>
+    Seconded: ...
+    Closes: #845715
   * In a preexisting footnote, recommend passing -D to strip(1) when
     stripping static libraries.
     Thanks to Niels Thykier for the suggestion.
diff --git a/policy/ch-source.rst b/policy/ch-source.rst
index dc80243..c486e7c 100644
--- a/policy/ch-source.rst
+++ b/policy/ch-source.rst
@@ -291,6 +291,16 @@ For packages in the main archive, no required targets may attempt
 network access, except, via the loopback interface, to services on the
 build host that have been started by the build.

+Required targets must not attempt to write outside of the unpacked
+source package tree. An exception to this rule is the use of
+``TMPDIR`` (or ``/tmp`` if that is not set) which is permitted as long
+as temporary files are deleted by the end of the target, and not
+reused by subsequent execution of the target.  This restriction is
+intended to prevent source package builds creating and depending on
+state outside of themselves, thus affecting multiple independent
+rebuilds.  In particular, the required targets must not attempt to
+write into ``HOME``.
+
 The targets are as follows:

 ``build`` (required)
diff --git a/policy/upgrading-checklist.rst b/policy/upgrading-checklist.rst
index 899f7e8..70b31bd 100644
--- a/policy/upgrading-checklist.rst
+++ b/policy/upgrading-checklist.rst
@@ -52,6 +52,10 @@ Unreleased.
     copyright file, but it need not be if creating and maintaining a
     copy of that information involves significant time and effort

+4.9
+    Required targets must not write outside of the unpacked source
+    package tree, except for TMPDIR (or /tmp if that is not set).
+
 10.1
     Binaries should be stripped using
     ``strip --strip-unneeded --remove-section=.comment --remove-section=.note``

-- 
Sean Whitton

Attachment: signature.asc
Description: PGP signature

Reply to:

Follow-Ups:
- Bug#845715: Required targets must not write outside of the source package tree
  - From: Russ Allbery <rra@debian.org>
- Bug#845715: Required targets must not write outside of the source package tree
  - From: Mattia Rizzolo <mattia@debian.org>

Prev by Date: Processed: Re: Bug#912724: www.debian.org: wrong links to translations of "Debian Developer's Reference"
Next by Date: Processed: Required targets must not write outside of the source package tree
Previous by thread: Processed: Re: Bug#912724: www.debian.org: wrong links to translations of "Debian Developer's Reference"
Next by thread: Processed: Required targets must not write outside of the source package tree
Index(es):
- Date
- Thread