From 5684f71fa0f6c1b765aa53e22ca3b024c578b9c9 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Mon, 6 Oct 2014 14:29:53 +0200 Subject: use _apt:root only for partial directories Using a different user for calling methods is intended to protect us from methods running amok (via remotely exploited bugs) by limiting what can be done by them. By using root:root for the final directories and just have the files in partial writeable by the methods we enhance this in sofar as a method can't modify already verified data in its parent directory anymore. As a side effect, this also clears most of the problems you could have if the final directories are shared without user-sharing or if these directories disappear as they are now again root owned and only the partial directories contain _apt owned files (usually none if apt isn't running) and the directory itself is autocreated with the right permissions. --- apt-pkg/acquire-item.h | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'apt-pkg/acquire-item.h') diff --git a/apt-pkg/acquire-item.h b/apt-pkg/acquire-item.h index 02b8c13e8..a3388ca3e 100644 --- a/apt-pkg/acquire-item.h +++ b/apt-pkg/acquire-item.h @@ -75,12 +75,11 @@ class pkgAcquire::Item : public WeakPointable * \param Item Metadata about this item (its URI and * description). */ - inline void QueueURI(ItemDesc &Item) - {Owner->Enqueue(Item);}; + void QueueURI(ItemDesc &Item); /** \brief Remove this item from its owner's queue. */ - inline void Dequeue() {Owner->Dequeue(this);}; - + void Dequeue(); + /** \brief Rename a file without modifying its timestamp. * * Many item methods call this as their final action. -- cgit v1.2.3