folkslinux
/
rpmlint
mirror of https://github.com/rpm-software-management/rpmlint.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Spelling fixes, wrap long lines.

This commit is contained in:
Ville Skyttä 2013-05-09 18:05:45 +03:00
parent f14706d245
commit 778c7f40ff
1 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
BinariesCheck.py
View File

@ -626,28 +626,28 @@ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=256900#49''',
'missing-call-to-setgroups-before-setuid',
'''This executable is calling setuid and setgid without setgroups or initgroups.
There is a high probability this mean it didn't relinquished all groups, and
this would be a potential security issue to be fixed. Seek POS36-C on the web
for details about the problem.''',
There is a high probability this mean it didn't relinquish all groups, and this
would be a potential security issue to be fixed. Seek POS36-C on the web for
details about the problem.''',
'missing-call-to-chdir-with-chroot',
'''This executable appear to call chroot without using chdir to change the current
directory. This is likely a error and permit to attacker to break out of the
chroot by using fchdir. While that's not always a security issue, this has to
be checked.''',
'''This executable appears to call chroot without using chdir to change the
current directory. This is likely an error and permits an attacker to break out
of the chroot by using fchdir. While that's not always a security issue, this
has to be checked.''',
'call-to-mktemp',
'''This executable call mktemp. As advised by the manpage ( mktemp(3) ), this
'''This executable calls mktemp. As advised by the manpage (mktemp(3)), this
function should be avoided. Some implementations are deeply insecure, and there
is a race condition between the time of check and time of use (TOCTOU).
See http://capec.mitre.org/data/definitions/29.html for details, and contact upstream
to have this issue fixed.''',
is a race condition between the time of check and time of use (TOCTOU).
See http://capec.mitre.org/data/definitions/29.html for details, and contact
upstream to have this issue fixed.''',
'unstripped-binary-or-object',
'''This executable should be stripped from debugging symbols, in order to take
less space and be loaded faster. This is usually done automatically at buildtime
by rpm. Check the build logs and the permission on the file ( some implementations
only strip if the permission is 0755 ).'''
by rpm. Check the build logs and the permission on the file (some
implementations only strip if the permission is 0755).'''
)
# BinariesCheck.py ends here