From 78db35195eddcd156130fff9ea3e895b30cbf9c3 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 25 Nov 2016 15:15:01 +0100 Subject: reword "Can't drop priv" warning message MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Note: This is a warning about disabling a security feature. It is supposed to be scary as we are disabling a security feature and we can't just be silent about it! Downloads really shouldn't happen any longer as root to decrease the attack surface – but if a warning causes that much uproar, consider what an error would do… The old WARNING message: | W: Can't drop privileges for downloading as file 'foobar' couldn't be | accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied) is frequently (incorrectly) considered to be an error message indicating that the download didn't happen which isn't the case, it was performed, but without all the security features enabled we could have used if run from some other place… The word "unsandboxed" is chosen as the term 'sandbox(ed)' is a common encounter in feature lists/changelogs and more people are hopefully able to make the connection to 'security' than it is the case for 'privilege dropping' which is more correct, but far less known. Closes: #813786 LP: #1522675 --- apt-pkg/acquire.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'apt-pkg') diff --git a/apt-pkg/acquire.cc b/apt-pkg/acquire.cc index 9ceb507f6..ac925e72e 100644 --- a/apt-pkg/acquire.cc +++ b/apt-pkg/acquire.cc @@ -622,7 +622,7 @@ static void CheckDropPrivsMustBeDisabled(pkgAcquire const &Fetcher) // if destination file is inaccessible all hope is lost for privilege dropping if (IsAccessibleBySandboxUser((*I)->DestFile, true) == false) { - _error->WarningE("pkgAcquire::Run", _("Can't drop privileges for downloading as file '%s' couldn't be accessed by user '%s'."), + _error->WarningE("pkgAcquire::Run", _("Download is performed unsandboxed as root as file '%s' couldn't be accessed by user '%s'."), (*I)->DestFile.c_str(), SandboxUser.c_str()); _config->Set("APT::Sandbox::User", ""); break; @@ -639,7 +639,7 @@ static void CheckDropPrivsMustBeDisabled(pkgAcquire const &Fetcher) if (IsAccessibleBySandboxUser(source.Path, false) == false) { - _error->NoticeE("pkgAcquire::Run", _("Can't drop privileges for downloading as file '%s' couldn't be accessed by user '%s'."), + _error->NoticeE("pkgAcquire::Run", _("Download is performed unsandboxed as root as file '%s' couldn't be accessed by user '%s'."), source.Path.c_str(), SandboxUser.c_str()); _config->CndSet("Binary::file::APT::Sandbox::User", "root"); _config->CndSet("Binary::copy::APT::Sandbox::User", "root"); -- cgit v1.2.3