On Sun, 2008-09-07 at 14:30 -0400, Jeff Johnson wrote:
> On Sep 7, 2008, at 2:19 PM, Alexey Tourbin wrote:
> > On Sun, Sep 07, 2008 at 12:10:18PM -0400, Jeff Johnson wrote:
> >> There's a class of infinite recursion problems with manifests used
> >> on the rpm CLI that I don't know to fix.
> >> A manifest is a file containing a list of paths to packages (or other
> >> manifests)
> > Forbid manifest files from within manifests.
> Actually I think you're on to something here.
> I can easily associate a recursion level with each arg, and do level++
> when opening item as a manifest.
> With a recursion level, the recursion can be limited.
> So "Forbid manifests" becomes same is "fail if level > 0", and
> forbidding manifests withing manifests is same as "fail if level > 1".
> Note that URI's are also permitted in manifests, and so "cross site
> scripting" needs to be avoided with URI affinity as well.
Instead of using a list, use a tree. Make level 0 the spec your
starting at, build the tree down a level each time you process a list,
and refuse to put the same item in the tree twice.
Doug Ledford <email@example.com>
GPG KeyID: CFBFF194
Infiniband specific RPMs available at
Received on Mon Sep 8 16:00:27 2008