Package: apt Version: 0.7.9ubuntu17.1 Severity: important Tags: patch -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
apt-mark terminates abnormaly when non-root user executes it. This issue should be considered because -f option allows anyone to define its own source file. Here is a really simple patch to detect issues regarding file access while trying to open them for non-root users and terminates apt-mark properly with a return value of 1. Regards, Carl Chenet - -- Package-specific info: - -- (no /etc/apt/preferences present) -- - -- (/etc/apt/sources.list present, but not submitted) -- - -- System Information: Debian Release: lenny/sid APT prefers hardy-updates APT policy: (500, 'hardy-updates'), (500, 'hardy-security'), (500, 'hardy') Architecture: amd64 (x86_64) Kernel: Linux 2.6.24-23-generic (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages apt depends on: ii libc6 2.7-10ubuntu4 GNU C Library: Shared libraries ii libgcc1 1:4.2.4-1ubuntu3 GCC support library ii libstdc++6 4.2.4-1ubuntu3 The GNU Standard C++ Library v3 Versions of packages apt recommends: ii ubuntu-keyring 2008.03.04 GnuPG keys of the Ubuntu archive - -- no debconf information -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFJy4XU8lge+lYYJUgRAkO2AKCCS7rv7CVVac7B8F7v6LR1+hvp4ACfaWPN VJAuGTEz3TA8XsL/Z+aQEgU= =rNt8 -----END PGP SIGNATURE-----
47,48c47,53 < tagfile = apt_pkg.ParseTagFile(open(STATE_FILE)) < outfile = open(STATE_FILE+".tmp","w") --- > try: > tagfile = apt_pkg.ParseTagFile(open(STATE_FILE)) > outfile = open(STATE_FILE+".tmp","w") > except IOError, msg: > print msg > print 'Maybe you are not root user ?' > sys.exit(1)