
Bug#942051: debian-policy: [4.9] requirement to write only to /tmp, /var/tmp, ${TMPDIR} is too strict



Package: debian-policy
Version: 4.4.1.1
Severity: minor

While checking the upgrade checklist I noticed this new requirement:

+---
| 4.9
|    Required targets must not write outside of the unpacked source
|    package tree, except for TMPDIR, /tmp and /var/tmp.
+---

The wording is a bit too strict and should be relaxed.  There are
other paths that should be fine to be written to during the build
process, for example /dev/shm, /run/lock[1], or possibly anything
below /proc/<pid> for processes spawned by the build process.

Ansgar

  [1] Which I noticed is world-writable which I'm not sure should be
      as users could then fill /run...  Note that /run/user/<uid> has
      separate filesystems to avoid this problem; but then there are
      many paths below /run writable by service users which can cause
      the same problems.
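
Added example, not part of the original message or of debian-policy: a small Python audit that sorts paths written during a build into those allowed by the quoted 4.9 wording, those this report proposes to allow, and everything else. The function names, the source tree path, the PID and the sample paths are constructed for illustration.

```python
import posixpath

# Locations the quoted Policy 4.9 text permits besides the source tree.
POLICY_ALLOWED = ("/tmp", "/var/tmp")
# Extra locations the bug report suggests should also be acceptable.
REPORT_PROPOSED = ("/dev/shm", "/run/lock")


def _under(path, root):
    """True if path is root itself or lies below it, component-wise."""
    return path == root or path.startswith(root + "/")


def classify_write(path, source_tree, tmpdir=None, build_pids=()):
    """Return 'policy', 'proposed' or 'violation' for one written path."""
    # Lexical normalisation only: collapses '..' but does not resolve symlinks.
    path = posixpath.normpath(path)
    allowed = [posixpath.normpath(source_tree), *POLICY_ALLOWED]
    if tmpdir:
        allowed.append(posixpath.normpath(tmpdir))
    if any(_under(path, root) for root in allowed):
        return "policy"
    # /proc/<pid> counts only for processes spawned by the build itself.
    proposed = list(REPORT_PROPOSED) + [f"/proc/{pid}" for pid in build_pids]
    if any(_under(path, root) for root in proposed):
        return "proposed"
    return "violation"


def audit(paths, source_tree, tmpdir=None, build_pids=()):
    """Group written paths by classification, preserving input order."""
    result = {"policy": [], "proposed": [], "violation": []}
    for p in paths:
        result[classify_write(p, source_tree, tmpdir, build_pids)].append(p)
    return result


# Constructed sample: paths a hypothetical build (PID 4242) wrote to.
SAMPLE = [
    "/build/pkg-1.0/debian/tmp/usr/bin/foo", "/tmp/cc1abc.s",
    "/tmp/../etc/foo.conf",   # escapes /tmp once normalised
    "/tmpfoo/cache",          # shares a string prefix with /tmp, not a parent
    "/dev/shm/sem.test", "/run/lock/build.lock",
    "/proc/4242/oom_score_adj", "/proc/1/oom_score_adj",
    "/home/user/.cache/x",
]

if __name__ == "__main__":
    print(audit(SAMPLE, "/build/pkg-1.0", build_pids=[4242]))
```
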

