On Thu, 11 May 2000, Carlos Puchol wrote:
| hi, thanks for your tip.
| it looks like the problematic part of the rpm spec is this one:
|
| %install
| rm -rf $RPM_BUILD_ROOT
| make prefix=$RPM_BUILD_ROOT/usr \
| sharedir=$RPM_BUILD_ROOT/etc \
| sysconfdir=$RPM_BUILD_ROOT/etc \
| docdir=$RPM_BUILD_ROOT/usr/doc/mutt-%{version} install
|
| i don't know much about rpms, but
| i have tried removing the $RPM_BUILD_ROOT, and what
| happens is that when the install time comes,
| it tries to overwrite stuff in /etc, naturally, however,
| i always compile rpms as a uder, never as root, to
| prevent percisely these kinds of security violations.
| do you have any suggestions?
It is the $RPM_BUILD_ROOT that allows users to build rpms. The install is
all done under $RPM_BUILD_ROOT and then that prefix is stripped by by RPM
in the %files section. The problem arises when somebody hardcodes a path
that should be $RPM_BUILD_ROOT into part of the spec file.
| alternatively, are there any suggestions of
| some place to get some decent
| (s)rpms that of mutt 1.2?
| thanks for your help,
|
| ++ carlos
