diff options
author | David Kalnischkies <david@kalnischkies.de> | 2015-10-09 22:25:13 +0200 |
---|---|---|
committer | David Kalnischkies <david@kalnischkies.de> | 2015-11-04 18:04:00 +0100 |
commit | 0940230dd6710ff5b555bed8be3d75ae0d150a08 (patch) | |
tree | 55a25579ecf4e3ae853b59d18c4120727f6ea3a0 /test/integration/test-cve-2013-1051-InRelease-parsing | |
parent | 64e3414e00906e6eaa72d7b63ca76d1c59ecadf6 (diff) |
drop privileges in file:// method as we do for decompressors
We drop it in decompressors, which are the natural next step, so if an
archive is used which isn't worldreadable (= not accessible by _apt) it
doesn't work anyway, so we just fail a bit earlier now and avoid all the
bad things which can happen over file (which could very well still be a
network resourc via NFS mounts or similar stuff, so hardly as safe as
the name might suggest at first).
Diffstat (limited to 'test/integration/test-cve-2013-1051-InRelease-parsing')
0 files changed, 0 insertions, 0 deletions