|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
Re: r50470 - trunk/packages/kbd-chooser/debian
Date: Mon Dec 17 2007 - 15:21:18 EST
Frans Pop wrote:
> Because a dpkg-reconfigure needs to ask the question even if a keymap is
> installed.
if [ ! -e /etc/whatever_file ] || [ "$1" = reconfigure ]; then
# ask question
fi
> I decided on /tmp as the file really _is_ a temporary file: exists only for
> the duration of the installation. And I made sure it was in a temp
> directory that could be said to be "controlled" by D-I because of its name.
> As you said yourself: there's absolutely no attack vector.
The only reason there is no serious attack vector is because console-common only checks if the file exists. /tmp/debian-installer/ is not "controlled" by d-i post-installation. If I want to prevent the admin from seeing the keymap question, I can now do it, on any Debian system. This *is* a minor security hole.
> > The other option would be debconf preseeding, and preseeding
> > console-data/keymap/policy seen should avoid the question. And would be
> > less ugly than a flag file.
>
> But it would affect an 'aptitude reinstall' of the package.
I don't expect reinstallation of a package to re-ask configuration values. If I want that, I purge the package before reinstalling.
-- see shy jo
-- To UNSUBSCRIBE, email to debian-boot-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
- application/pgp-signature attachment: Digital signature
This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 03:47:12 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |