Your message dated Thu, 26 Jun 2008 16:36:10 -0400
with message-id <[EMAIL PROTECTED]>
and subject line Re: checkinstall: Unsafe temp dir creation
has caused the Debian Bug report #488140,
regarding checkinstall: Unsafe temp dir creation
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)


-- 
488140: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=488140
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: checkinstall
Version: 1.6.1-6
Severity: grave
Tags: security patch
Justification: user security hole

*** Please type your report below this line ***
Checkinstall (and installwatch) create temporary directories manually
instead of using mktemp, which creates a race condition.

The attached patch changes these into calls to mktemp, which is secure.

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.25-preempt (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages checkinstall depends on:
ii  dpkg-dev                      1.15.0     Debian package development tools
ii  file                          4.24-2     Determines file type using "magic"
ii  findutils                     4.4.0-2    utilities for finding files--find,
ii  libc6                         2.7-12     GNU C Library: Shared libraries

Versions of packages checkinstall recommends:
ii  make                          3.81-5     The GNU version of the "make" util

-- no debconf information
Index: checkinstall
===================================================================
--- checkinstall        (revision 10000)
+++ checkinstall        (working copy)
@@ -965,16 +965,8 @@
 
 # Find a safe TMP_DIR
 
-TMP_DIR=${BASE_TMP_DIR}/`awk 'BEGIN { srand(); for (i=1;i<22;i++) { a=95; 
while (a > 90 && a < 97) { a=65+int(50*rand())}; printf("%c", a) } }'`
-[ -e "$TMP_DIR" ] && rm -rf $TMP_DIR
-if [ -e "$TMP_DIR" ]; then 
-   echo
-   echog "My temp dir exists already.\nThis looks like a symlink attack!"
-   echo 
-   echog "*** Aborting"
-   echo
-   exit 1
-fi
+TMP_DIR=`mktemp -q -d -p "${BASE_TMP_DIR}"`
+RETURN=$?
 
 if [ "$TMP_DIR" = "$BASE_TMP_DIR" -o "$TMP_DIR" = "/" ]; then
   echo 
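Review bot: the `-q` on the new `mktemp` call in the `TMP_DIR=` line silences mktemp's own diagnostic, so when creation fails `TMP_DIR` is empty and the user only learns of it from the generic message guarded by `RETURN` further down; either drop `-q` so the real reason (base directory missing, permission denied) is printed, or add an explicit `[ -z "$TMP_DIR" ]` test next to the existing comparison against `"$BASE_TMP_DIR"` and `"/"`, which mktemp's random suffix means can no longer match.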
@@ -985,11 +977,6 @@
   exit 1
 fi
 
-
-mkdir $TMP_DIR
-chmod 700 $TMP_DIR
-RETURN=$?
-
 if [ $RETURN -gt 0 ]; then
    echo
    echog "**** Failed to create temp dir! \n**** Do you have write permission 
for %s? \n\n**** Aborting installation." "$BASE_TMP_DIR"
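Review bot: with the `mkdir`/`chmod` block removed, `RETURN` is now set by the `mktemp` command substitution several lines earlier, with the `BASE_TMP_DIR`/`/` check sitting in between; it would be more robust to test the creation directly, e.g. `TMP_DIR=\`mktemp -q -d -p "${BASE_TMP_DIR}"\` || { ...; exit 1; }`, rather than carrying `$?` across an intervening `if`. The message also only mentions write permission, while mktemp fails equally when `BASE_TMP_DIR` does not exist; adjust the wording to cover both.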
Index: installwatch-0.7.0beta5/installwatch
===================================================================
--- installwatch-0.7.0beta5/installwatch        (revision 10000)
+++ installwatch-0.7.0beta5/installwatch        (working copy)
@@ -74,31 +74,8 @@
        local mkt_refdir=$1
        local mkt_wrkdir=""
 
-       mkt_wrkdir=${BASE_TMP_DIR}/\
-`awk 'BEGIN {\
-       srand();\
-       for (i=1;i<21;i++) {\
-               a=95;\
-               while (a > 90 && a < 97) {\
-                       a=65+int(50*rand())\
-               };\
-               printf("%c", a) \
-       }\
-}'`
-       
-       [ -e "${mkt_wrkdir}" ] && rm -rf ${mkt_wrkdir}
-       if [ -e "${mkt_wrkdir}" ]; then 
-               echo
-               echo "Error : My temp dir exists already. This looks like a 
symlink attack!"
-               echo 
-               echo "*** Aborting ***"
-               echo
-               exit 1
-       fi      
+       mkt_wrkdir=`mktemp -q -d -p ${BASE_TMP_DIR}`
 
-       mkdir ${mkt_wrkdir}
-       chmod 0700 ${mkt_wrkdir}
-
        eval $mkt_refdir=\$mkt_wrkdir
 }
 
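Review bot: the new `mkt_wrkdir=` line has no error handling: with `-q` a failure is silent, `mkt_wrkdir` stays empty, and `eval $mkt_refdir=\$mkt_wrkdir` then hands an empty path back to the caller; append `|| { echo "Error: cannot create temp dir in ${BASE_TMP_DIR}"; exit 1; }` as the checkinstall hunk does via `RETURN`. Also `${BASE_TMP_DIR}` is unquoted here, unlike in the checkinstall hunk; quote it so a base directory containing whitespace is not split into two arguments.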

--- End Message ---
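The report above describes the pattern the patch replaces: a name computed in the script, a check, then a separate mkdir. As an added illustration that is not part of the bug report, of checkinstall, or of installwatch, the following POSIX shell reproduces the removed awk name generator (to show why its output is guessable) beside a mktemp-based helper with the error handling a caller still needs. The function names `old_style_name`, `make_tmpdir` and `remove_tmpdir`, the `checkinstall.XXXXXXXXXX` template, and the use of GNU coreutils `mktemp -d -p` and `stat -c` are assumptions of this example, not something the page specifies.

```sh
#!/bin/sh
# Added example, not checkinstall's or installwatch's own code.
# Contrasts the removed name generator with the mktemp-based creation the
# patch introduces, and adds the failure handling the patch leaves implicit.
# Assumes GNU coreutils mktemp (-d, -p, -q) and GNU stat (-c), as on Debian.

# old_style_name: the awk generator the patch removes from checkinstall.
# srand() with no argument seeds from the time of day, so two runs in the
# same second produce the same 21-character name, and anyone who can read
# the script can precompute the candidates; nothing here is created
# atomically, the mkdir came later as a separate step.
old_style_name() {
    awk 'BEGIN { srand(); for (i=1;i<22;i++) { a=95;
        while (a > 90 && a < 97) { a=65+int(50*rand()) }; printf("%c", a) } }'
}

# make_tmpdir BASE: print the path of a fresh mode-0700 directory under
# BASE. Returns 1 and prints nothing if the directory cannot be created.
make_tmpdir() {
    base=$1
    # mktemp -d picks the random suffix and calls mkdir(2) itself, so the
    # name is never known to anyone before the directory exists with 0700.
    # -q keeps mktemp quiet; the caller decides how to report the failure.
    dir=$(mktemp -q -d -p "$base" checkinstall.XXXXXXXXXX) || return 1
    # Defensive checks a caller should still make: the result must be
    # non-empty, a real directory (not a symlink), and private to us.
    [ -n "$dir" ] || return 1
    [ -d "$dir" ] && [ ! -L "$dir" ] || return 1
    [ "$(stat -c '%a' "$dir")" = "700" ] || { rm -rf "$dir"; return 1; }
    printf '%s\n' "$dir"
}

# remove_tmpdir DIR: delete DIR only if it is still a non-symlink directory
# we were handed, so a stray or swapped-in path is never passed to rm -rf.
remove_tmpdir() {
    [ -n "$1" ] && [ -d "$1" ] && [ ! -L "$1" ] || return 1
    rm -rf "$1"
}
```

Usage: `d=$(make_tmpdir "${TMPDIR:-/tmp}") || { echo "cannot create temp dir" >&2; exit 1; }` and `remove_tmpdir "$d"` when done. The point of the helper over the bare patch line is that the exit status is checked at the point of creation and an empty result can never be passed on as a directory name.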
--- Begin Message ---
Version: 1.6.1-7

The patch was applied on version 1.6.1-7.


Saludos,
Felipe Sateler

Attachment: signature.asc
Description: This is a digitally signed message part.


--- End Message ---
