Regression in itw from Tue Mar 26
Adam Domurad
adomurad at redhat.com
Thu Apr 18 09:45:31 PDT 2013
The test seems wrong to me, which needs to be clarified before we can
properly address if this is a problem. I don't see any case where
SecurityDesc could have a null file, and this is the code causing the
difference:
} else if (signing == true) {
this.security = file.getSecurity();
} else {
this.security = new SecurityDesc(file,
SecurityDesc.SANDBOX_PERMISSIONS,
codebase.getHost());
If it's signing, it carries on the null file, if not, it overwrites with
its own SecurityDesc. Am I missing something ? What does a null-file
signify ? Looking at the code-paths that create SecurityDesc's it seems
like it cannot happen.
There may still be an issue, however it would not have been introduced
by my code.
Thanks,
-Adam
More information about the distro-pkg-dev
mailing list