ruby.rpmlintrc: Ignore a false positive missing-call-to-chdir-with-chroot error.

The `chroot` in the `dir.c` is just used as a Ruby binding `Dir.chroot`
for the function.

Ignore the following error.

```
ruby-libs.x86_64: E: missing-call-to-chdir-with-chroot /usr/lib64/libruby.so.3.0.1
```
This commit is contained in:
Jun Aruga 2021-04-28 20:53:04 +02:00
parent 26bc979446
commit 882d68b75c

View File

@ -39,3 +39,14 @@ addFilter(r'^rubygem-rbs\.noarch: E: non-executable-script /usr/share/gems/gems/
addFilter(r'^rubygem-rbs\.noarch: E: non-executable-script /usr/share/gems/gems/rbs-[\d\.]+/bin/test_runner.rb 644 ')
# test-unit
addFilter(r'^rubygem-test-unit\.noarch: E: non-executable-script /usr/share/gems/gems/test-unit-[\d\.]+/test/run-test.rb 644 ')
# The function `chroot` without using `chdir` is detected by rpmlint with the
# following message. However it looks a false positive as the `chroot` in the
# `dir.c` is just used as a Ruby binding `Dir.chroot` for the function.
#
# ruby-libs.x86_64: E: missing-call-to-chdir-with-chroot /usr/lib64/libruby.so.3.0.1
# This executable appears to call chroot without using chdir to change the
# current directory. This is likely an error and permits an attacker to break
# out of the chroot by using fchdir. While that's not always a security issue,
# this has to be checked.
addFilter(r'^ruby-libs\.\w+: E: missing-call-to-chdir-with-chroot /usr/lib(64)?/libruby.so.[\d/.]+$')