[Openstack-security] [openstack/cinder] SecurityImpact review request change Iad1682abb0f2f004f559090358a38a845908fdf4
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Sat Feb 7 11:27:18 UTC 2015
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/153782
Log:
commit a15434e9ec3ae1e958b66bdcd73a4844c1e5306f
Author: Eric Harney <eharney at redhat.com>
Date: Sat Feb 7 12:19:19 2015 +0100
Revert "rtstool on Ubuntu installs in /usr/local/bin"
This reverts commit c85bd876d3ae4b6e29bb040a49e43d3ba46b6039.
cinder-rtstool is installed by setup.py/setup.cfg, the same
way that cinder-api, cinder-volume, etc., are installed.
If it is installing in /usr/local/bin/, that sounds like a
packaging or deployment bug. The upstream Cinder package
should not have a responsibility to cover /usr/local/bin/.
(Ubuntu packages install this binary correctly in
/usr/bin/ anyway per Ubuntu packaging rules, AFAICT.)
SecurityImpact: rootwrap configuration
Change-Id: Iad1682abb0f2f004f559090358a38a845908fdf4
More information about the Openstack-security
mailing list