diff options
| author | David Kalnischkies <david@kalnischkies.de> | 2016-11-25 15:15:01 +0100 |
|---|---|---|
| committer | David Kalnischkies <david@kalnischkies.de> | 2016-12-16 13:50:00 +0100 |
| commit | 78db35195eddcd156130fff9ea3e895b30cbf9c3 (patch) | |
| tree | 93827ea711fae53ed1923ad157cdacaa90c2b45f /apt-pkg | |
| parent | f47f4b195b4a4f8e72a6a120ed47a3d0120cd033 (diff) | |
reword "Can't drop priv" warning message
Note: This is a warning about disabling a security feature. It is
supposed to be scary as we are disabling a security feature and we
can't just be silent about it! Downloads really shouldn't happen
any longer as root to decrease the attack surface – but if a warning
causes that much uproar, consider what an error would do…
The old WARNING message:
| W: Can't drop privileges for downloading as file 'foobar' couldn't be
| accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)
is frequently (incorrectly) considered to be an error message indicating
that the download didn't happen which isn't the case, it was performed,
but without all the security features enabled we could have used if run
from some other place…
The word "unsandboxed" is chosen as the term 'sandbox(ed)' is a common
encounter in feature lists/changelogs and more people are hopefully able
to make the connection to 'security' than it is the case for 'privilege
dropping' which is more correct, but far less known.
Closes: #813786
LP: #1522675
Diffstat (limited to 'apt-pkg')
| -rw-r--r-- | apt-pkg/acquire.cc | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/apt-pkg/acquire.cc b/apt-pkg/acquire.cc index 9ceb507f6..ac925e72e 100644 --- a/apt-pkg/acquire.cc +++ b/apt-pkg/acquire.cc @@ -622,7 +622,7 @@ static void CheckDropPrivsMustBeDisabled(pkgAcquire const &Fetcher) // if destination file is inaccessible all hope is lost for privilege dropping if (IsAccessibleBySandboxUser((*I)->DestFile, true) == false) { - _error->WarningE("pkgAcquire::Run", _("Can't drop privileges for downloading as file '%s' couldn't be accessed by user '%s'."), + _error->WarningE("pkgAcquire::Run", _("Download is performed unsandboxed as root as file '%s' couldn't be accessed by user '%s'."), (*I)->DestFile.c_str(), SandboxUser.c_str()); _config->Set("APT::Sandbox::User", ""); break; @@ -639,7 +639,7 @@ static void CheckDropPrivsMustBeDisabled(pkgAcquire const &Fetcher) if (IsAccessibleBySandboxUser(source.Path, false) == false) { - _error->NoticeE("pkgAcquire::Run", _("Can't drop privileges for downloading as file '%s' couldn't be accessed by user '%s'."), + _error->NoticeE("pkgAcquire::Run", _("Download is performed unsandboxed as root as file '%s' couldn't be accessed by user '%s'."), source.Path.c_str(), SandboxUser.c_str()); _config->CndSet("Binary::file::APT::Sandbox::User", "root"); _config->CndSet("Binary::copy::APT::Sandbox::User", "root"); |