ruby.rpmlintrc: Ignore a false positive missing-call-to-chdir-with-chroot error.
The `chroot` in the `dir.c` is just used as a Ruby binding `Dir.chroot` for the function. Ignore the following error. ``` ruby-libs.x86_64: E: missing-call-to-chdir-with-chroot /usr/lib64/libruby.so.3.0.1 ```
This commit is contained in:
parent
26bc979446
commit
882d68b75c
@ -39,3 +39,14 @@ addFilter(r'^rubygem-rbs\.noarch: E: non-executable-script /usr/share/gems/gems/
|
||||
addFilter(r'^rubygem-rbs\.noarch: E: non-executable-script /usr/share/gems/gems/rbs-[\d\.]+/bin/test_runner.rb 644 ')
|
||||
# test-unit
|
||||
addFilter(r'^rubygem-test-unit\.noarch: E: non-executable-script /usr/share/gems/gems/test-unit-[\d\.]+/test/run-test.rb 644 ')
|
||||
|
||||
# The function `chroot` without using `chdir` is detected by rpmlint with the
|
||||
# following message. However it looks a false positive as the `chroot` in the
|
||||
# `dir.c` is just used as a Ruby binding `Dir.chroot` for the function.
|
||||
#
|
||||
# ruby-libs.x86_64: E: missing-call-to-chdir-with-chroot /usr/lib64/libruby.so.3.0.1
|
||||
# This executable appears to call chroot without using chdir to change the
|
||||
# current directory. This is likely an error and permits an attacker to break
|
||||
# out of the chroot by using fchdir. While that's not always a security issue,
|
||||
# this has to be checked.
|
||||
addFilter(r'^ruby-libs\.\w+: E: missing-call-to-chdir-with-chroot /usr/lib(64)?/libruby.so.[\d/.]+$')
|
||||
|
Loading…
Reference in New Issue
Block a user