From c4043528c17e3e8ac90d25ed3ddd1ef979bc8bab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADt=20Ondruch?= Date: Mon, 2 Jan 2023 18:16:58 +0100 Subject: [PATCH] The `missing-call-to-chdir-with-chroot` test was removed in rpmlint 2.0 https://github.com/rpm-software-management/rpmlint/commit/83f915a54d23f7a912ed42b84ccb4e373bec8ad9 --- ruby.rpmlintrc | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/ruby.rpmlintrc b/ruby.rpmlintrc index 6d98082..c8119ba 100644 --- a/ruby.rpmlintrc +++ b/ruby.rpmlintrc @@ -40,17 +40,6 @@ addFilter(r'^ruby-libs\.\w+: E: shared-lib-without-dependency-information /usr/l # These are Ruby plugins, where Ruby always load glibc prior the library. addFilter(r'^ruby-libs\.\w+: W: library-not-linked-against-libc /usr/lib(64)?/ruby/.*.so$') -# The function `chroot` without using `chdir` is detected by rpmlint with the -# following message. However it looks a false positive as the `chroot` in the -# `dir.c` is just used as a Ruby binding `Dir.chroot` for the function. -# -# ruby-libs.x86_64: E: missing-call-to-chdir-with-chroot /usr/lib64/libruby.so.N.N.N -# This executable appears to call chroot without using chdir to change the -# current directory. This is likely an error and permits an attacker to break -# out of the chroot by using fchdir. While that's not always a security issue, -# this has to be checked. -addFilter(r'^ruby-libs\.\w+: E: missing-call-to-chdir-with-chroot /usr/lib(64)?/libruby.so.[\d/.]+$') - # Rake ships some examples. addFilter(r'^rubygem-rake.noarch: W: devel-file-in-non-devel-package /usr/share/gems/gems/rake-[\d\.]+/doc/example/\w+.c$')