From: Ethan Benson <erbenson@alaska.net>
To: linuxppc-dev@lists.linuxppc.org
Subject: Re: arch/ppc/Makefile wiping out /dev/null
Date: Fri, 2 Apr 2004 19:32:26 -0900 [thread overview]
Message-ID: <20040403043226.GO21226@plato.local.lan> (raw)
In-Reply-To: <BDE6B8B0-8525-11D8-9FF0-000A95A07384@sands-edge.com>
On Fri, Apr 02, 2004 at 11:16:55PM -0500, John Whitney wrote:
>
> Can you explain the insecurity a bit more? Any ideas on a better
$$ maps to the process pid, which is not hard to predict, especially
on linux where PIDs are allocated incrementally rather then randomly.
so unless $(AS) opens its output file O_EXCL there is a race where
someone can create a symlink or hardlink to another file as
/tmp/.as.$$$$, $(AS) will then overwrite the target with its output.
(even if it unlinks the file first, thats no good unless its final
open() includes the O_EXCL flag).
short story it lets another user destroy any file you have
permissions to, if your building as root (bad idea) that means anything.
> construct that won't cause /dev/null to be erased in some cases? I
> just want a solution, it doesn't have to be the one I put in there.
> :-)
well its a good reason to never build software as root, build as a
user, then bugs like this won't break your system.
but in any event im not sure you even need -o at all..
if not then id suggest just creating the file in the object root,
where any other .o file would be build, then be sure to rm it. since
the build root and source tree is typically not writable by other
users there isn't a security issue that way.
> Would it be possible just to do something like "$(AS) --version"
> instead, as this code is theoretically just checking for an old
> version of as?
theres a lot of crap in that output, and distros seem to like to screw
with it, so thats probably fragile.
--
Ethan Benson
http://www.alaska.net/~erbenson/
** Sent via the linuxppc-dev mail list. See http://lists.linuxppc.org/
prev parent reply other threads:[~2004-04-03 4:32 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-04-01 20:42 arch/ppc/Makefile wiping out /dev/null John Whitney
2004-04-02 4:50 ` Ethan Benson
2004-04-03 4:16 ` John Whitney
2004-04-03 4:32 ` Ethan Benson [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040403043226.GO21226@plato.local.lan \
--to=erbenson@alaska.net \
--cc=linuxppc-dev@lists.linuxppc.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).