[Bug 165314] Review Request: kismet -- A WLAN detector, sniffer and IDS
bugzilla at redhat.com
bugzilla at redhat.com
Thu Mar 16 17:39:26 UTC 2006
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Review Request: kismet -- A WLAN detector, sniffer and IDS
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=165314
------- Additional Comments From j.w.r.degoede at hhs.nl 2006-03-16 12:39 EST -------
Okay, I took a serious look today. I must say I don't like your deviation from
the standard FE practices all the %global stuff is ugly and is clearly meant for
building outside the FE infrastructure, which is not something we wish to support.
However your other packages already in FE (and thus approved) use similar
constructions and if you ever orphan this package stripping this uglyness will
be easy enough. So concedering this and since besides your (smallish) FE
practices deviations you do great work I'll let this slip / be as is.
What however is a problem is the fact that the SRPM does not build as a normal user:
+ /usr/bin/make DESTDIR=/var/tmp/kismet-0.0.2005.08.R1-1-root install
/usr/bin/make -e commoninstall
make[1]: Entering directory `/usr/src/redhat/BUILD/kismet-2005-08-R1'
mkdir -p /var/tmp/kismet-0.0.2005.08.R1-1-root/etc/kismet
mkdir -p /var/tmp/kismet-0.0.2005.08.R1-1-root/usr/bin
install -o "root" -g "root" -m 755 scripts/kismet
/var/tmp/kismet-0.0.2005.08.R1-1-root/usr/bin/kismet
install: cannot change ownership of
`/var/tmp/kismet-0.0.2005.08.R1-1-root/usr/bin/kismet': Operation not permitted
make[1]: *** [commoninstall] Error 1
make[1]: Leaving directory `/usr/src/redhat/BUILD/kismet-2005-08-R1'
This also explains why I didn't see any special rights and user %attr under
%files. Please make the compile work as a normal user and use %attr todo _all_
the special stuff, so that one can see from the spec that this is a suid binary
which currently cannot be seen from the spec.
Also why exactly does kismet need its own user? I assume this is done so that
any possible exploits in kismet can't do much damage since the exploit will run
as user kismet?
And why does kismet have /var/lib/kismet as homedir? since its a disabled
account it doesn't need one couldn't you just create a /var/log/kismet, drop the
logs there and not under /var/lib/kismet/logs and also use /var/log/kismet as
the homedir? AFAIK there will be no files needed / created under the homedir so
there is no need for a seperate home and logs dir.
And whats with the gps being disabled with ./configure and then packaged as
-extras that doesn't make sense?
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the fedora-extras-list
mailing list