I had a few conversations with Heitor, Matthew & Jeremy last week regarding this SRU. Heitor and Matthew (SRU Sponsors for Sustaining Engineering) are both hesitant to sponsor this due to the potential blast radius of a change of semantics in g_file_set_contents (see debian codesearch at [1][2]; this could affect _many_ packages).
The alternative is to SRU dconf with the patch I submitted in gvdb (rejected upstream) [3]. That patch has been carried in OpenSUSE for 8 years [4]; a quick review of their bugtracker shows no permissions-related bugs in that package [5]. That patch was rejected because it allows the permissions to be incorrect for a short time until the chmod completes: * An application attempts to read the dconf database between the move of the tempfile & the chmod, resulting in a permissions error * dconf crashes or is killed between the move and the chmod, causing the file to retain incorrect permissions Both of these scenarios are extremely unlikely as dconf changes are uncommon, and they are easy to recover from. Because this bug only impacts DISA-STIG users, I think this is a more reasonable trade-off between risk to Ubuntu users in general and a viable fix for the bug. I will prepare alternative MPs in Launchpad (looks like Ubuntu dconf is not maintained in salsa) with the patch & update the SRU template accordingly. Thanks for your patience. [1] https://codesearch.debian.net/search?q=g_file_set_contents [2] https://codesearch.debian.net/results/4858c71f9ca47f0e/packages.txt [3] https://gitlab.gnome.org/GNOME/gvdb/-/merge_requests/27 [4] https://build.opensuse.org/package/show/openSUSE:Factory/dconf [4] https://bugzilla.opensuse.org/buglist.cgi?quicksearch=dconf -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2072586 Title: Running "dconf update" with different umask affects the permissions of dconf databases in /etc/dconf/db/ To manage notifications about this bug go to: https://bugs.launchpad.net/dconf/+bug/2072586/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
