Neil Williams <codeh...@debian.org> writes: > On Mon, 02 Nov 2009 18:11:42 +0100 > Vincent Danjean <vdanjean...@free.fr> wrote: > >> Neil Williams wrote: >> >> /lib64 -> /lib >> > >> > That should be: >> > /lib64 -> lib >> >> On my system (amd64), this is currently /lib64 -> /lib >> Which package manages this symlink ? > > libc6 > >> > Having a link to /lib causes problems with debootstrap, cdebootstrap >> > and others. See #553599 > > See also the other bugs from which 553599 was cloned. > > #514015 and #514016 - both RC. > > "Packages with absolute symlinks to dirs like libc6 on amd64, ppc64 and > s390x can lead to overwrites of files outside of the new root." > > Any process that uses tar against /PATH/TO/CHROOT/lib64 will end up > putting files into /lib: > > "If one package (lib6) contains the symlink /lib64 -> /lib, another > package (in this case libattr1) which includes files in /lib64, will > be extracted into the host system and overwrite files there, as tar > follows the symlinks." > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553599#12
Maybe policy should be changed to allow only relative symlinks. I've been bitten by this many many times. Not as bad as tar extracting to / instead /chroot but try "file /chroot/lib64/libfoo.so" and similar. MfG Goswin -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org