* Michael Gilbert <mgilb...@debian.org>, 2012-10-08, 14:15:
"Packages must not include files or directories under /run, or under
the older /var/run and /var/lock paths."
The thing is that it really does no harm if a package actually does
this
Given that /var/lock is world-writable in Debian, and that dpkg follows
symlinks to directories, at least shipping directories in /var/lock is
almost certainly a security hole. (Fortunately, this is mitigated by the
protected_symlinks feature of the recent kernels.)
--
Jakub Wilk
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20121008182724.ga2...@jwilk.net
