From ad6be9f7c5761de0d1d9a82818250cbaf15aa0b3 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Fri, 17 Mar 2023 12:17:31 +0000 Subject: [PATCH] FHS: Check for correct location and permission of shared objects Signed-off-by: Michael Tremer --- src/libpakfire/fhs.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/libpakfire/fhs.c b/src/libpakfire/fhs.c index c8f8b48e5..4a84b677f 100644 --- a/src/libpakfire/fhs.c +++ b/src/libpakfire/fhs.c @@ -65,6 +65,13 @@ static const struct pakfire_fhs_check { { "/usr/bin/*", S_IFREG, 0755, "root", "root", 0 }, { "/usr/sbin/*", S_IFREG, 0755, "root", "root", 0 }, + // Shared Libraries must be executable + { "/usr/lib64/*.so.*", S_IFREG, 0755, "root", "root", 0 }, + { "/usr/lib64/**/*.so", S_IFREG, 0755, "root", "root", 0 }, + + // Shared Libraries must not exist in /usr/lib + { "/usr/lib/*.so*", S_IFREG, 0, NULL, NULL, PAKFIRE_FHS_MUSTNOTEXIST }, + // /usr/include: Ensure that: // * All files are non-executable and belong to root // * All directories have 0755 and belong to root -- 2.39.5