[OE-core] host-user-contaminated QA check

Seebs seebs at seebs.net
Thu Feb 2 16:21:05 UTC 2017


On Thu, 02 Feb 2017 11:38:00 +0100
Patrick Ohly <patrick.ohly at intel.com> wrote:

> Why do we make the real user ID on the build system visible at all
> when running under pseudo? The uid and user name have no meaning
> there, as the user won't exist on the target system. Instead we could
> map the owner of all files to root:root by default, i.e. in those
> cases where no other ownership is recorded in the pseudo database.

We could. Honestly, the underlying reason we don't is at least in part
that that makes the behavior differ more from the behavior of "sudo";
with sudo, you see actual ownerships. But that's less applicable here.

I would be more inclined to report a Definitely Absolutely Not Okay
user ID, like 65533. (65534 and 65535 have both been used as Magic
Cookies in the past, I think.)

-s



More information about the Openembedded-core mailing list