Bug List: (8 of 13) First Last Prev Next   Show last search results
Bug 1143662 - AUDIT-FIND: obs-service-python_sdist: runs untrusted setup.py
Summary: AUDIT-FIND: obs-service-python_sdist: runs untrusted setup.py
Status: RESOLVED INVALID
Alias: None
Product: SUSE Security Incidents
Classification: Novell Products
Component: Audits (show other bugs)
Version: unspecified
Hardware: Other Other
: P5 - None : Minor
Target Milestone: ---
Assignee: Adrian Schröter
QA Contact: Security Team bot
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: 1119444
  Show dependency treegraph
 
Reported: 2019-07-31 14:23 UTC by Malte Kraus
Modified: 2022-02-24 09:44 UTC (History)
0 users

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Malte Kraus 2019-07-31 14:23:30 UTC 
runs untrusted setup.py
Comment 1 Johannes Segitz 2020-11-25 07:46:23 UTC 
It does, but that's kind of the point here ;) The alternative would be that user runs it himself, so I see no additional exposure. It abstracts that a bit so that users might not be as aware, but OTOH this is used by experienced users that should know that.
Comment 2 Johannes Segitz 2022-02-24 09:44:00 UTC 
I still see it this way. Reopen if you disagree
Bug List: (8 of 13) First Last Prev Next   Show last search results