Johannes Meixner
Johannes Meixner
Currently this is WIP. I need to replace 'source' with 'SourceTrustworthy' at the 43 places where we basically carelessly "just source" various files, see https://github.com/rear/rear/pull/3203#issuecomment-2063439858
Additionally I like to rename the 'Source' function into a more descriptive name that better tells for what use case that function is used. Here where the 'Source' function is...
Hooray! All "testing-farm" tests are green! Only ``` Build Packages / build (push) Failing after ... ``` but I blindly guess that package build failures cannot come from my code...
Oh - how interesting - I gain trust in our CI tests again: My yesterday evening (I had to leave) blind guess in https://github.com/rear/rear/pull/3258#issuecomment-2179011767 was actually wrong - I really...
On SLES15-SP5 with its default LVM and btrfs, cf. https://github.com/rear/rear/wiki/Test-Matrix-rear-2.6#sles-15-sp-1-with-default-lvm-and-btrfs-structure I did a full "rear mkbackup" plus "rear recover" and all worked well for me.
I will keep separated issues separated so this pull request will be only to implement the new SourceTrustworthy function plus adaption of the Source function to use the new SourceTrustworthy...
@schlomo I think you missed to read https://github.com/rear/rear/pull/3258#issuecomment-2178983222 and you missed to have a look at https://github.com/rear/rear/pull/3203#issuecomment-2178737640 https://github.com/rear/rear/pull/3203#issuecomment-2063439858
The assumption that ReaR code is always located under a system directory with sufficiently secure permissions, groups, and file owners does not hold. In particular I do not know what...
Actually using SourceTrustworthy in the Source function was more or less a "side effect" of my original intent to implement a reasonable simple and sufficiently safe function that should replace...
@gdha perhaps I misunderstand you but I assume you mean that instead of only replacing the plain 'source' calls by calling SourceTrustworthy if it wouldn't be safer to actually fix...