This seems to be caused by opening the configuration files with O_NOFOLLOW:

~/schroot-1.1.6$ grep -Rn O_NOFOLLOW .
./sbuild/sbuild-chroot-config.cc:441:  int fd = open(file.c_str(), 
O_RDONLY|O_NOFOLLOW);

I don't see a reason why opening the configuration file with O_NOFOLLOW improves the security of schroot, since the configuration comes from /etc anyway.

        -Tim Abbott



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to