* arch/ppc/Makefile wiping out /dev/null
@ 2004-04-01 20:42 John Whitney
2004-04-02 4:50 ` Ethan Benson
0 siblings, 1 reply; 4+ messages in thread
From: John Whitney @ 2004-04-01 20:42 UTC (permalink / raw)
To: linuxppc-dev
[-- Attachment #1: Type: text/plain, Size: 1032 bytes --]
In arch/ppc/Makefile, the line
NEW_AS := $(shell echo dssall | $(AS) -o /dev/null >/dev/null 2>&1 ;
echo $$?)
is causing my host's /dev/null file to be wiped out if I don't specify
CROSS_COMPILE, and the hosts' "as" is getting called instead of the
cross-compiler. Apparently, "as" assumes that the file specified by
"-o file" belongs to it, and deletes it if an error occurs in the
compilation process. I get this happening to me when I issue the
command:
sudo make ARCH=ppc INSTALL_MOD_PATH=<path> modules_install
In this case, I wasn't compiling anything so I didn't specify
CROSS_COMPILE, with the aforementioned result. I've attached a patch
for this file which changes the offending line to:
NEW_AS := $(shell echo dssall | $(AS) -o /tmp/.as.$$$$ >/dev/null 2>&1
; echo $$?)
Which appears to work as intended (at least, my 2.14 binutils
ppc7xx-linux-as returns a value of 0 for this, and the failing x86 "as"
is returning 1, which I believe is the expected behavior), and doesn't
cause /dev/null to be deleted.
John
[-- Attachment #2: Makefile.patch --]
[-- Type: application/octet-stream, Size: 458 bytes --]
--- linuxppc-2.6.5-rc2.orig/arch/ppc/Makefile 2004-04-01 14:20:36.000000000 -0500
+++ linuxppc-2.6.5-rc2/arch/ppc/Makefile 2004-04-01 15:31:07.000000000 -0500
@@ -87,7 +87,7 @@
ifdef CONFIG_6xx
# Ensure this is binutils 2.12.1 (or 2.12.90.0.7) or later
-NEW_AS := $(shell echo dssall | $(AS) -o /dev/null >/dev/null 2>&1 ; echo $$?)
+NEW_AS := $(shell echo dssall | $(AS) -o /tmp/.as.$$$$ >/dev/null 2>&1 ; echo $$?)
GOODVER := 2.12.1
else
NEW_AS := 0
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: arch/ppc/Makefile wiping out /dev/null
2004-04-01 20:42 arch/ppc/Makefile wiping out /dev/null John Whitney
@ 2004-04-02 4:50 ` Ethan Benson
2004-04-03 4:16 ` John Whitney
0 siblings, 1 reply; 4+ messages in thread
From: Ethan Benson @ 2004-04-02 4:50 UTC (permalink / raw)
To: linuxppc-dev
On Thu, Apr 01, 2004 at 03:42:44PM -0500, John Whitney wrote:
>
> NEW_AS := $(shell echo dssall | $(AS) -o /tmp/.as.$$$$ >/dev/null 2>&1
> ; echo $$?)
depending on the behavior of $(AS) this is not secure.
--
Ethan Benson
http://www.alaska.net/~erbenson/
** Sent via the linuxppc-dev mail list. See http://lists.linuxppc.org/
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: arch/ppc/Makefile wiping out /dev/null
2004-04-02 4:50 ` Ethan Benson
@ 2004-04-03 4:16 ` John Whitney
2004-04-03 4:32 ` Ethan Benson
0 siblings, 1 reply; 4+ messages in thread
From: John Whitney @ 2004-04-03 4:16 UTC (permalink / raw)
To: Ethan Benson; +Cc: linuxppc-dev
Ethan,
Can you explain the insecurity a bit more? Any ideas on a better
construct that won't cause /dev/null to be erased in some cases? I
just want a solution, it doesn't have to be the one I put in there. :-)
Would it be possible just to do something like "$(AS) --version"
instead, as this code is theoretically just checking for an old version
of as?
John
On Apr 1, 2004, at 11:50 PM, Ethan Benson wrote:
>
> On Thu, Apr 01, 2004 at 03:42:44PM -0500, John Whitney wrote:
>>
>> NEW_AS := $(shell echo dssall | $(AS) -o /tmp/.as.$$$$ >/dev/null 2>&1
>> ; echo $$?)
>
> depending on the behavior of $(AS) this is not secure.
** Sent via the linuxppc-dev mail list. See http://lists.linuxppc.org/
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: arch/ppc/Makefile wiping out /dev/null
2004-04-03 4:16 ` John Whitney
@ 2004-04-03 4:32 ` Ethan Benson
0 siblings, 0 replies; 4+ messages in thread
From: Ethan Benson @ 2004-04-03 4:32 UTC (permalink / raw)
To: linuxppc-dev
On Fri, Apr 02, 2004 at 11:16:55PM -0500, John Whitney wrote:
>
> Can you explain the insecurity a bit more? Any ideas on a better
$$ maps to the process pid, which is not hard to predict, especially
on linux where PIDs are allocated incrementally rather then randomly.
so unless $(AS) opens its output file O_EXCL there is a race where
someone can create a symlink or hardlink to another file as
/tmp/.as.$$$$, $(AS) will then overwrite the target with its output.
(even if it unlinks the file first, thats no good unless its final
open() includes the O_EXCL flag).
short story it lets another user destroy any file you have
permissions to, if your building as root (bad idea) that means anything.
> construct that won't cause /dev/null to be erased in some cases? I
> just want a solution, it doesn't have to be the one I put in there.
> :-)
well its a good reason to never build software as root, build as a
user, then bugs like this won't break your system.
but in any event im not sure you even need -o at all..
if not then id suggest just creating the file in the object root,
where any other .o file would be build, then be sure to rm it. since
the build root and source tree is typically not writable by other
users there isn't a security issue that way.
> Would it be possible just to do something like "$(AS) --version"
> instead, as this code is theoretically just checking for an old
> version of as?
theres a lot of crap in that output, and distros seem to like to screw
with it, so thats probably fragile.
--
Ethan Benson
http://www.alaska.net/~erbenson/
** Sent via the linuxppc-dev mail list. See http://lists.linuxppc.org/
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2004-04-03 4:32 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-04-01 20:42 arch/ppc/Makefile wiping out /dev/null John Whitney
2004-04-02 4:50 ` Ethan Benson
2004-04-03 4:16 ` John Whitney
2004-04-03 4:32 ` Ethan Benson
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).