On Wed, Mar 12, 2014 at 03:02:38PM +0100, Ansgar Burchardt wrote:
> Package: gnustep-base-runtime
> Tags: security
>
> gdomap chroots to /tmp "as another level of paranoia". However if
> you are paranoid, you really want to chroot to an empty,
> non-writable directory, not to a world-writable one containing
> random files.

Thanks for the report. Do you have a suggestion how to handle this
issue? Upstream writes:

,----
| I don't mind making things even more paranoid, but I don't know of an
| empty, non-writable directory that the program can reliably move to,
| and creating a directory which could then not be cleaned up on program
| termination (because the program is chrooted inside it) does not seem
| an acceptable option. Is there a standard portable way to do this (a
| quick internet search didn't reveal anything to me)?
`----
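
The property asked for in the report (an empty chroot target that is not writable by group or others) can be checked before calling chroot(). The following is an added example, not part of this thread and not gdomap code. The function names, the return codes and the `/var/empty` default are assumptions, and it assumes the parent directories of the jail are root-owned as well.

```c
#define _GNU_SOURCE            /* chroot(), O_DIRECTORY, O_NOFOLLOW on glibc */
#include <dirent.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* 0 if path is usable as a jail; -1 not an openable directory, -2 wrong
 * owner, -3 writable by group/other, -4 not empty. */
int jail_dir_check(const char *path, uid_t owner)
{
    struct stat st;
    struct dirent *de;
    DIR *d;
    int rc = 0;
    /* O_NOFOLLOW: refuse a symlink planted at the final path component */
    int fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);

    if (fd < 0)
        return -1;
    if (fstat(fd, &st) != 0 || (d = fdopendir(fd)) == NULL) {
        close(fd);
        return -1;
    }
    if (st.st_uid != owner)
        rc = -2;
    else if (st.st_mode & (S_IWGRP | S_IWOTH))
        rc = -3;
    while (rc == 0 && (de = readdir(d)) != NULL)
        if (strcmp(de->d_name, ".") != 0 && strcmp(de->d_name, "..") != 0)
            rc = -4;
    closedir(d);                /* also closes fd */
    return rc;
}

/* Run as root; the caller drops privileges (setgid/setuid) afterwards. */
int enter_jail(const char *path)
{
    if (jail_dir_check(path, 0) != 0)
        return -1;
    return (chroot(path) == 0 && chdir("/") == 0) ? 0 : -1;
}

int main(int argc, char **argv)
{
    const char *path = argc > 1 ? argv[1] : "/var/empty"; /* assumed path */
    printf("%s: %d\n", path, jail_dir_check(path, 0));
    return 0;
}
```

A directory created once at package install time and passing this check needs no cleanup at program exit, because the daemon never creates or removes it.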