Bug#789404: pbuilder: insecure use of /tmp

2015-08-10 Thread Mattia Rizzolo
On Mon, Aug 10, 2015 at 01:32:54AM +0200, Jakub Wilk wrote: > * Jakub Wilk, 2015-06-20, 17:04: > >pbuilder builds the package in $BUILDPLACE/tmp/buildd. But $BUILDPLACE/tmp > >is normally world-writable, and pbuilder doesn't fail if the buildd > >directory already exists: > > > > mkdir -p "$BUILDP

Bug#789404: pbuilder: insecure use of /tmp

2015-08-09 Thread Jakub Wilk
Correction: * Jakub Wilk, 2015-06-20, 17:04: pbuilder builds the package in $BUILDPLACE/tmp/buildd. But $BUILDPLACE/tmp is normally world-writable, and pbuilder doesn't fail if the buildd directory already exists: mkdir -p "$BUILDPLACE/tmp/buildd" There's a race window between unpacking ba

Bug#789404: pbuilder: insecure use of /tmp

2015-08-09 Thread Mattia Rizzolo
On Sun, Aug 09, 2015 at 09:05:12PM +, Thorsten Glaser wrote: > The current “let's move the build dir” stinks much more, why > not pre-create /tmp/build in the chroot to be writable only > to the buildd user? pbuilder currently creates /tmp/buildd at chroot creation time, just after debootstrap

Bug#789404: pbuilder: insecure use of /tmp

2015-08-09 Thread Thorsten Glaser
Jakub Wilk dixit: > And there's DoS aspect: local user could stuff chroot's /tmp with garbage, > which pbuilder then will have to compress and later decompress on every build. Meh, it's probably trivial to let it create the chroot inside a temporary directory other users may not traverse. The cu

Bug#789404: pbuilder: insecure use of /tmp

2015-08-09 Thread Jakub Wilk
* Mattia Rizzolo, 2015-08-08, 17:00: I don't see how changing it can fix #789401, though. It would improve the situation, as a malicious local user can not plant the build dir any more Right. But there might be other /tmp vulnerabilities (in pbuilder or elsewhere) that #789401 would ease exp

Bug#789404: pbuilder: insecure use of /tmp

2015-08-08 Thread Mattia Rizzolo
Control: tags -1 pending Control: severity 789401 important On Wed, Aug 05, 2015 at 01:33:43PM +0200, Jakub Wilk wrote: > * Mattia Rizzolo, 2015-08-04, 07:41: > >>pbuilder builds the package in $BUILDPLACE/tmp/buildd. But > >>$BUILDPLACE/tmp is normally world-writable, and pbuilder doesn't fail i

Bug#789404: pbuilder: insecure use of /tmp

2015-08-05 Thread Jakub Wilk
* Mattia Rizzolo, 2015-08-04, 07:41: pbuilder builds the package in $BUILDPLACE/tmp/buildd. But $BUILDPLACE/tmp is normally world-writable, and pbuilder doesn't fail if the buildd directory already exists: mkdir -p "$BUILDPLACE/tmp/buildd" There's a race window between unpacking base.tgz a

Bug#789404: pbuilder: insecure use of /tmp

2015-08-04 Thread Mattia Rizzolo
On Sat, Jun 20, 2015 at 05:04:03PM +0200, Jakub Wilk wrote: > pbuilder builds the package in $BUILDPLACE/tmp/buildd. But $BUILDPLACE/tmp > is normally world-writable, and pbuilder doesn't fail if the buildd directory > already exists: > >mkdir -p "$BUILDPLACE/tmp/buildd" > > There's a race win

Bug#789404: pbuilder: insecure use of /tmp

2015-06-20 Thread Jakub Wilk
Source: pbuilder Version: 0.215+nmu3 Severity: grave Tags: security pbuilder builds the package in $BUILDPLACE/tmp/buildd. But $BUILDPLACE/tmp is normally world-writable, and pbuilder doesn't fail if the buildd directory already exists: mkdir -p "$BUILDPLACE/tmp/buildd" There's a race wind