[OE-core] [PATCH] libpam: reproducibility: Fix host umask leakage at patch-time
Douglas Royds
douglas.royds at taitradio.com
Thu Dec 20 20:40:06 UTC 2018
On 21/12/18 9:37 AM, Burton, Ross wrote:
> On Thu, 20 Dec 2018 at 20:26, Douglas Royds <douglas.royds at taitradio.com> wrote:
>> libpam is unusual in having a patch that creates an entirely new file
>> (tty_secure.c). If that patch eventually goes, then this umask setting
>> can go as well.
>>
>> I haven't come across any other cases of a patch creating a file, but if
>> there are, then we could certainly move this setting. Perhaps we should
>> wait until others emerge.
> I definitely wouldn't want to make the assumption that libpam is the
> only recipe of all time that will create a file.
No indeed. There are very likely others already, libpam is just the one
I happened to stumble across. I'll shift the setting.
More information about the Openembedded-core
mailing list