[DRE-maint] Bug#540610: rubygems: integrity violation
Daigo Moriwaki
daigo at debian.org
Sun Aug 9 08:01:38 UTC 2009
Hello Michael,
Michael S. Gilbert wrote:
>> In Debian, executables from gems install into a particular directory specific to
>> RubyGems such as /var/lib/gems/{1.8|1.9.0}/bin instead of the system directory
>> /usr/bin. There should be no risk that they talked about.
>>
>> If you think of any problems in Debian, please let me know; otherwise, please
>> close this ticket.
>
> what about installing a rogue 'ls' to '/var/lib/gems/{1.8|1.9.0}/bin'?
> i've never used rubygems before, so i'm not sure how paths are
> configured. would this override the system 'ls'?
I tried testgem downloaded from http://bugs.gentoo.org/show_bug.cgi?id=278566.
% sudo gem install testgem-0.0.1.gem
Successfully installed testgem-0.0.1
1 gem installed
Installing ri documentation for testgem-0.0.1...
File not found: lib
(I think that making document files causes this error.)
% ls /var/lib/gems/1.8/bin/less
/var/lib/gems/1.8/bin/less
So, /usr/bin/less is not overwritten.
Debian's RubyGems is patched to replace the upstream's indiscriminate default
directory.
Regards,
Daigo
--
Daigo Moriwaki
daigo at debian dot org
More information about the Pkg-ruby-extras-maintainers
mailing list