[Rpm-maint] [rpm-software-management/rpm] RPMFI_FLAGS_ONLY_FILENAMES doesn't prevent file signatures (Issue #2425)

Panu Matilainen Fri, 10 Mar 2023 05:46:38 -0800

RPMFI_NOFILESIGNATURES and RPMFI_NOVERITYSIGNATURES should be included in the 
RPMFI_FLAGS_ONLY_FILENAMES mask but are not, so eg `rpmfiNew (ts, h, 
RPMTAG_BASENAMES, RPMFI_FLAGS_ONLY_FILENAMES)` ends up loading both IMA and 
FSVERITY signatures into the file iterator when it should not.


The signatures aren't relevant for bunch of other operations too, so review the 
other masks too, at least RPMFI_FLAGS_FILETRIGGER should include both signature 
disablers and RPMFI_FLAGS_ONLY_FILENAMES would inherit it from there.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/2425
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/issues/2...@github.com>

_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint

[Rpm-maint] [rpm-software-management/rpm] RPMFI_FLAGS_ONLY_FILENAMES doesn't prevent file signatures (Issue #2425)

Reply via email to