Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

APT whitelist request for puredata-dev #1105

Open
umlaeute opened this issue Sep 3, 2015 · 4 comments
Open

APT whitelist request for puredata-dev #1105

umlaeute opened this issue Sep 3, 2015 · 4 comments
Labels
apt-safelist-check-run apt-whitelist-check-run

Comments

@umlaeute
Copy link

umlaeute commented Sep 3, 2015

No description provided.

travisbot pushed a commit to travis-ci/apt-whitelist-checker that referenced this issue Sep 4, 2015
Run test for travis-ci/apt-package-safelist#1105. (puredata-dev)
edacb18
@travisbot
Copy link

_This is an automated comment._

Ran tests and found setuid bits by purely textual search. Further analysis is required.

If these are found to be benign, examine http://github.com/travis-ci/apt-package-whitelist/tree/test-apt-package-whitelist-1105 and its PR.

Packages found: puredata puredata-core puredata-gui puredata-doc puredata-dev puredata-utils puredata-extra

See https://travis-ci.org/travis-ci/apt-whitelist-checker/builds/78739238 for details.

travisbot pushed a commit that referenced this issue Sep 4, 2015
Add puredata to ubuntu-precise; resolves #1105
77b8faa 
Packages: puredata puredata-core puredata-gui puredata-doc puredata-dev puredata-utils puredata-extra
@travisbot travisbot mentioned this issue Sep 4, 2015
Open
@umlaeute
Copy link
Author

umlaeute commented Sep 4, 2015

just to explain the setuid stuff: Pd (aka puredata, the source package for puredata-dev) is a real-time audio processing system. as such it is often run with higher-than-normal privileges.
in order to obtain real-time privileges, Pd can be run with setuid enabled, and this is mentioned in the documentation (most hits in the travis test-scripts returned documentation).
if the puredata binary is setuid'ed, it drops root-priviliges asap; for doing this, the code contains a few setuid(getuid()) calls (explaining the other hits).

The binaries in the Debian packages do not have the setuid bit set.

anyhow, all this only concerns the puredata-core package; the request was about puredata-dev which only contains a bunch of headers and no executable code.

@umlaeute umlaeute mentioned this issue Apr 26, 2016
Merged
BanzaiMan pushed a commit to travis-ci/apt-whitelist-checker that referenced this issue Oct 11, 2018
Run test for travis-ci/apt-package-safelist#1105 in dist precise. (pu…
fb925e8 
…redata-dev)
travisbot pushed a commit to travis-ci/apt-whitelist-checker that referenced this issue Oct 12, 2018
Run test for travis-ci/apt-package-safelist#1105 in dist precise. (pu…
90f07d0 
…redata-dev)
@travisbot
Copy link

This is an automated comment.

Ran tests and found setuid bits by purely textual search. Further analysis is required.

If these are found to be benign, examine http://github.com/travis-ci/apt-package-whitelist/compare/test-apt-package-whitelist-1105 and its PR.

Packages found: puredata puredata-core puredata-gui puredata-doc puredata-dev puredata-utils puredata-extra

See https://travis-ci.org/travis-ci/apt-whitelist-checker/builds/440491858 for details.

@umlaeute
Copy link
Author

is this real?

*Ubuntu 14.04 (trusty)" had puredata-0.45.
i can't remember which Ubuntu version had puredata-0.43 (it was released in 2012).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
apt-safelist-check-run apt-whitelist-check-run
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@umlaeute @travisbot