[Pkg-shadow-devel] Bug#857803: Bug#857803: shadow: Make the sp_lstchg shadow field reproducible.

Serge E. Hallyn serge at hallyn.com
Sun Apr 9 15:50:02 UTC 2017


Quoting Chris Lamb (lamby at debian.org):
> Hi Serge,
> 
> > > > looks ok to me, although, would it be better to fall back to time(NULL)
> > > > if the env variable is invalid?
> > > 
> > > In my experience it is far superior to explicitly error out in this
> > > situation.
> > 
> > My concern is unprivileged users causing unexpected failure in a more
> > privileged script or program by setting an invalid environment variable.
> 
> I hadn't considered that until now. However, I think you have bigger
> problems if you can do that (eg. manipulate PATH!) and tools generally
> do the right thing these days with respect to cleaning the environment
> (eg. sudo).

Right, sudo does but just setuid-root does not.  This env variable
is for reproducible builds, so can we check ruid==0 and ignore the
env variable if not?  Or do the build scripts also run as non-root?
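An added sketch, not part of the original message or of the shadow patch under discussion: one way to combine the two positions in this thread, ignoring the variable unless the real uid is 0 and erroring out explicitly when root supplies a malformed value. The variable name `SOURCE_DATE_EPOCH` is assumed from the reproducible-builds convention (this message does not name it), and the function names are hypothetical.

```c
#include <errno.h>
#include <stdlib.h>
#include <sys/types.h>
#include <time.h>
#include <unistd.h>

#define SECS_PER_DAY (24L * 3600L)

/* Pure helper (hypothetical name): days since the epoch for sp_lstchg.
 * env_value: contents of the variable, or NULL if unset.
 * ruid:      real uid of the caller.
 * now:       current time, used when the variable is absent or ignored.
 * Returns -1 when a root caller supplied a malformed value. */
long lstchg_days(const char *env_value, uid_t ruid, time_t now)
{
    char *end;
    unsigned long long epoch;

    /* Real uid is not root (e.g. a setuid-root binary started by a user):
     * the variable is caller-controlled, so ignore it rather than obey it
     * or fail on it. */
    if (env_value == NULL || ruid != 0)
        return (long)(now / SECS_PER_DAY);

    /* strtoull() accepts leading whitespace and a sign; reject both, and
     * the empty string, by requiring a leading digit. */
    if (env_value[0] < '0' || env_value[0] > '9')
        return -1;

    errno = 0;
    epoch = strtoull(env_value, &end, 10);
    if (errno != 0 || *end != '\0')   /* overflow or trailing garbage */
        return -1;

    return (long)(epoch / SECS_PER_DAY);
}

/* Wrapper using the process environment; the variable name is an assumption. */
long current_lstchg(void)
{
    return lstchg_days(getenv("SOURCE_DATE_EPOCH"), getuid(), time(NULL));
}
```

A caller would treat a return of -1 as a fatal configuration error, which only a root-invoked build can trigger.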


