[Yum-devel] writing out the cache and yum-utils
Panu Matilainen
pmatilai at laiskiainen.org
Sat Jun 18 12:07:34 UTC 2005
On Sat, 2005-06-18 at 07:50 -0400, seth vidal wrote:
> > Yes, whatever is better than requiring root for something that doesn't
> > require root at all. I would perhaps go as far as just using something
> > like /var/tmp/yum-cache-$USER *by default* when not running as root.
> > Perhaps even $TMP/yum-cache-$USER if $TMP is defined for the user?
>
> you'd still need to make it a randomly determined dir (mkstemp)
> otherwise we'd be opening up for an exploit.
Yep, I'm aware that's basically open for exploit but you'll need to save
the dir name someplace otherwise. It's not much of an cache if it's
recreated from scratch on each run :-/
- Panu -
More information about the Yum-devel
mailing list