Bug 16009 - /usr/bin/skipstone-bin shouldn't be in the PATH
: /usr/bin/skipstone-bin shouldn't be in the PATH
Status: CLOSED FIXED
: Sisyphus
(All bugs in Sisyphus/skipstone)
: unstable
: all Linux
: P2 minor
Assigned To:
:
:
:
:
:
  Show dependency tree
 
Reported: 2008-06-13 21:07 by
Modified: 2009-05-10 09:33 (History)


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From 2008-06-13 21:07:28
skipstone-1.0.0-alt2

There is no use in /usr/bin/skipstone-bin being in $PATH, since it mustn't be
run directly:

$ skipstone-bin
skipstone-bin: error while loading shared libraries: libgtkembedmoz.so: cannot
open shared object file: No such file or directory
$ 

I suggest to hide it somewhere under /usr/lib/.
------- Comment #1 From 2008-06-14 12:19:09 -------
> There is no use in /usr/bin/skipstone-bin being in $PATH
Well, upstream doesn't think so:

--- src/skipstone.in
if [ -f ./skipstone-bin ]; then
        exec ./skipstone-bin $@
else
        exec skipstone-bin $@
fi
---

but I'll do it for you :-)
------- Comment #2 From 2008-06-14 23:25:48 -------
Fixed in 1.0.0-alt3
------- Comment #3 From 2008-06-19 03:11:35 -------
(In reply to comment #2)
> Fixed in 1.0.0-alt3

Thanks!

Of course you could have decided that it's not a bug. If there are reasonable
reasons...
------- Comment #4 From 2008-06-19 03:35:25 -------
(In reply to comment #1)
> > There is no use in /usr/bin/skipstone-bin being in $PATH
> Well, upstream doesn't think so:

BTW, the thing you quoted must be terrible! For the security. 

> --- src/skipstone.in
> if [ -f ./skipstone-bin ]; then
>         exec ./skipstone-bin $@
> else

Welcome, virus! (or just a thoughtless error)

$ cat > skipstone-bin
echo Hi i am a virus
$ chmod a+x skipstone-bin
$ skipstone 
Hi i am a virus
$ rpm -qf $(which skipstone)
skipstone-1.0.0-alt3
$