[Debian-med-packaging] Bug#739575: Bug#739575: python-pysam-tests: world writable directory tree: /var/lib/pysam/tests
Andreas Tille
tille at debian.org
Thu Feb 20 09:36:57 UTC 2014
Hi Charles,
On Thu, Feb 20, 2014 at 06:26:36PM +0900, Charles Plessy wrote:
> Le Thu, Feb 20, 2014 at 10:08:16AM +0100, Andreas Tille a écrit :
> > Hi Andreas,
> >
> > the directory is intended to be written by the world since the whole
> > world should be able to run the test suite there ... this is the purpose
> > of this package at all: Let everybody run the test (including
> > autopkgtest) and forget about the directory afterwards.
> >
> > Do I need to mark this intention to not provoke any errors?
>
> Hi Adreases,
>
> I think that the expectation is that the package provides a directory tree to
> be copied in a temporary location; this solves the problem of write
> permissions.
While I agree that this would solve this formal problem I think
providing (potentially large chunks of) data which are only to run a
test and force people to create various copies of them is an insane
consequence of the requirement to not have world writable directory
tries.
Kind regards
Andreas.
--
http://fam-tille.de
More information about the Debian-med-packaging
mailing list