Bug#942051: debian-policy: [4.9] requirement to write only to /tmp, /var/tmp, ${TMPDIR} is too strict
On Wed, Oct 09, 2019 at 05:51:53PM +0200, Ansgar Burchardt wrote:
> Package: debian-policy
> Version: 4.4.1.1
> Severity: minor
>
> While checking the upgrade checklist I noticed this new requirement:
>
> +---
> | 4.9
> | Required targets must not write outside of the unpacked source
> | package tree, except for TMPDIR, /tmp and /var/tmp.
> +---
>
> The wording is a bit too strict and should be relaxed. There are
> other paths that should be fine to be written to during the build
> process, for example /dev/shm, /run/lock[1], or possibly anything
> below /proc/<pid> for processes spawned by the build process.
Hello Ansgar,
Do you have example of packages that does that ?
(FWIW I do not consider writing to /proc/pid to be writing.
This is the same issue as with using localhost and network access.)
Cheers,
--
Bill. <ballombe@debian.org>
Imagine a large red swirl here.
Reply to: