[OE-core] host-user-contaminated QA check
Seebs
seebs at seebs.net
Thu Feb 2 17:12:01 UTC 2017
On Thu, 02 Feb 2017 17:39:07 +0100
Patrick Ohly <patrick.ohly at intel.com> wrote:
> On Thu, 2017-02-02 at 10:21 -0600, Seebs wrote:
> > On Thu, 02 Feb 2017 11:38:00 +0100
> > Patrick Ohly <patrick.ohly at intel.com> wrote:
> >
> > > Why do we make the real user ID on the build system visible at all
> > > when running under pseudo? The uid and user name have no meaning
> > > there, as the user won't exist on the target system. Instead we
> > > could map the owner of all files to root:root by default, i.e. in
> > > those cases where no other ownership is recorded in the pseudo
> > > database.
> >
> > We could. Honestly, the underlying reason we don't is at least in
> > part that that makes the behavior differ more from the behavior of
> > "sudo"; with sudo, you see actual ownerships. But that's less
> > applicable here.
> >
> > I would be more inclined to report a Definitely Absolutely Not Okay
> > user ID, like 65533. (65534 and 65535 have both been used as Magic
> > Cookies in the past, I think.)
>
> I had considered that approach myself, too. It would make the QA check
> reliable and in that sense solve the problem.
>
> But I find mapping to root:root more attractive because it makes
> packaging simpler (less worries about accidentally copying the
> original uid) and the builds faster (no need to run the QA check).
Hmm. I think I would rather have the QA check, because if a file's
supposed to be non-root, and ends up root instead, that could cause
subtle problems, but we'd no longer have a way to *detect* those
problems.
-s
More information about the Openembedded-core
mailing list