Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Smylers
Michael G Schwern writes: > Smylers wrote: > > > > I have lying around a prototype for the CPAN shell to warn the user > > > when they run it as root and offer to reconfigure itself to only su > > > for the install. That would help plug the hole. > > > > Yeah, that sounds good. > > > > But onl

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Michael G Schwern
Smylers wrote: >> I have lying around a prototype for the CPAN shell to warn the user >> when they run it as root and offer to reconfigure itself to only su >> for the install. That would help plug the hole. > > Yeah, that sounds good. > > But only for users running CPAN, not anybody who is manu

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Michael G Schwern
Jan Dubois wrote: > On Thu, 13 Nov 2008, Michael G Schwern wrote: >> This is why I want CPAN to return to its common carrier policy. Don't >> inspect >> them, don't open them, don't reject them and especially don't try to fix >> them, >> just leave the packages sealed. > > CPAN (at least the in

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Smylers
Michael G Schwern writes: > Smylers wrote: > > > you're talking about Cpan being something morally equivalent to a > > common carrier, rather than an actual common carrier in the legal > > sense? > > Yes, because we are not lawyers I don't even want to approach arguing > about the legal definiti

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Michael G Schwern
Smylers wrote: >> [1] "common carrier" is a legal idea from common US/UK law. I don't >> > want to get into the legal mumbo jumbo because we're not lawyers, but >> > invoking the idea is useful and powerful. > > OK, so you're talking about Cpan being something morally equivalent to a > common car

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Smylers
Michael G Schwern writes: > I use the term "common carrier" [1] because it has a very special > meaning. > > [1] "common carrier" is a legal idea from common US/UK law. I don't > want to get into the legal mumbo jumbo because we're not lawyers, but > invoking the idea is useful and powerful. OK,

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Smylers
Aristotle Pagaltzis writes: > * Michael G Schwern <[EMAIL PROTECTED]> [2008-11-13 04:15]: > > > I really, really, really don't want PAUSE modifying my stuff after > > it's uploaded. > > Count me in this camp. That's my instinct as well. > I do think that PAUSE could fix this, but it *MUST* req

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Smylers
Michael G Schwern writes: > Andreas J. Koenig wrote: > > > # umask > > 002 > > # tar xzf > > /home/ftp/pub/PAUSE/authors/id/Y/YV/YVES/ExtUtils-Install-1.51.tar.gz > > # ls -la ExtUtils-Install-1.51 > > total 1104 > > -rwxrwxrwx 1 544 5131765 Mar 3 2008 Build.PL* > > Your tar is no

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Aristotle Pagaltzis
* Michael G Schwern <[EMAIL PROTECTED]> [2008-11-13 04:15]: > I really, really, really don't want PAUSE modifying my stuff > after it's uploaded. Oh god the mysterious bugs. And then > there's the fact that the code I've put my name and signature > on is not the same code as is being distributed!

RE: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Jan Dubois
On Thu, 13 Nov 2008, Michael G Schwern wrote: > This is why I want CPAN to return to its common carrier policy. Don't inspect > them, don't open them, don't reject them and especially don't try to fix them, > just leave the packages sealed. CPAN (at least the indexing part of it) always poked ins

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Michael G Schwern
Andreas J. Koenig wrote: > > Most systems already do this by default, because it's good security > > practice. If you don't have a umask set, that's a basic > > vulnerability *at the user's end*. No amount of hand-holding from > > CPAN will protect the user without a umask. Some other system wi

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Michael G Schwern
demerphq wrote: >> I really, really, really don't want PAUSE modifying my stuff after it's >> uploaded. Oh god the mysterious bugs. And then there's the fact that the >> code I've put my name and signature on is not the same code as is being >> distributed! That's a trust violation as well as ma

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Andreas J. Koenig
> On Wed, 12 Nov 2008 20:44:45 -0800, Michael G Schwern <[EMAIL PROTECTED]> > said: > Andreas J. Koenig wrote: >>> On Wed, 12 Nov 2008 19:13:40 -0800, Michael G Schwern <[EMAIL >>> PROTECTED]> said: >> >> > Now that the CPAN shells and archiving modules are handling it at t

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Cosimo Streppone
On Thu, 13 Nov 2008 05:12:33 +0100, Andreas J. Koenig <[EMAIL PROTECTED]> wrote: On Wed, 12 Nov 2008 19:13:40 -0800, Michael G Schwern <[EMAIL PROTECTED]> said: > Now that the CPAN shells and archiving modules are handling it at their end, I > think the PAUSE filter should be removed. It

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Andreas J. Koenig
> On Wed, 12 Nov 2008 19:13:40 -0800, Michael G Schwern <[EMAIL PROTECTED]> > said: > Now that the CPAN shells and archiving modules are handling it at their end, I > think the PAUSE filter should be removed. It's not PAUSE's job to be the code > police. It is 'tar xzf CPANFILE.

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Andreas J. Koenig
> On Wed, 12 Nov 2008 14:51:26 -0600, Jonathan Rockway <[EMAIL PROTECTED]> > said: > I agree with demerphq here, why can't PAUSE just fix this? It didn't come up in the hasty discussion about this problem, it didn't occur to me for a moment. And to nobody else. And the number of victim

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Shlomi Fish
On Thursday 13 November 2008, David Golden wrote: > On Thu, Nov 13, 2008 at 3:39 AM, Shlomi Fish <[EMAIL PROTECTED]> wrote: > >> What I was expressing is that the CPAN shell can do the twiddling to > >> strip flags at the point of extraction, rather than PAUSE stopping it at > >> the gate. Archive:

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread David Golden
On Thu, Nov 13, 2008 at 3:39 AM, Shlomi Fish <[EMAIL PROTECTED]> wrote: >> What I was expressing is that the CPAN shell can do the twiddling to strip >> flags at the point of extraction, rather than PAUSE stopping it at the >> gate. Archive::Tar already does this (see >> $Archive::Tar::INSECURE_EXT

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-13 Thread Shlomi Fish
On Thursday 13 November 2008, Michael G Schwern wrote: > Andreas J. Koenig wrote: > >> On Wed, 12 Nov 2008 19:13:40 -0800, Michael G Schwern > >> <[EMAIL PROTECTED]> said: > > > > > > Now that the CPAN shells and archiving modules are handling it at > > > their end, I think the PAUSE

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-12 Thread demerphq
2008/11/13 chromatic <[EMAIL PROTECTED]>: > On Wednesday 12 November 2008 22:36:31 demerphq wrote: > >> > I really, really, really don't want PAUSE modifying my stuff after it's >> > uploaded. Oh god the mysterious bugs. And then there's the fact that >> > the code I've put my name and signature

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-12 Thread chromatic
On Wednesday 12 November 2008 22:36:31 demerphq wrote: > > I really, really, really don't want PAUSE modifying my stuff after it's > > uploaded.  Oh god the mysterious bugs.  And then there's the fact that > > the code I've put my name and signature on is not the same code as is > > being distribu

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-12 Thread demerphq
2008/11/13 Michael G Schwern <[EMAIL PROTECTED]>: > Jonathan Rockway wrote: >> * On Wed, Nov 12 2008, David Golden wrote: >>> On Wed, Nov 12, 2008 at 3:17 PM, demerphq <[EMAIL PROTECTED]> wrote: IMO if the toolchain is to work this should happen at PAUSE (if it can detect this problem IMO

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-12 Thread Michael G Schwern
Andreas J. Koenig wrote: >> On Wed, 12 Nov 2008 19:13:40 -0800, Michael G Schwern <[EMAIL >> PROTECTED]> said: > > > Now that the CPAN shells and archiving modules are handling it at their > end, I > > think the PAUSE filter should be removed. It's not PAUSE's job to be the > code

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-12 Thread Michael G Schwern
David Golden wrote: > On Wed, Nov 12, 2008 at 3:17 PM, demerphq <[EMAIL PROTECTED]> wrote: >> I rather strongly object to this change. > > I totally understand -- but keep in mind that this was in response to > someone flagging this as a potential (if highly unlikely) security > hole, forwarding i

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-12 Thread Michael G Schwern
Jonathan Rockway wrote: > * On Wed, Nov 12 2008, David Golden wrote: >> On Wed, Nov 12, 2008 at 3:17 PM, demerphq <[EMAIL PROTECTED]> wrote: >>> IMO if the toolchain is to work this should happen at PAUSE (if it can >>> detect this problem IMO it should just damn well fix it itself) or at >>> extra

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-12 Thread Jonathan Rockway
* On Wed, Nov 12 2008, David Golden wrote: > On Wed, Nov 12, 2008 at 3:17 PM, demerphq <[EMAIL PROTECTED]> wrote: >> IMO if the toolchain is to work this should happen at PAUSE (if it can >> detect this problem IMO it should just damn well fix it itself) or at >> extraction. > > It *is* being fixed

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-12 Thread demerphq
2008/11/12 David Golden <[EMAIL PROTECTED]>: > On Wed, Nov 12, 2008 at 3:17 PM, demerphq <[EMAIL PROTECTED]> wrote: >> I rather strongly object to this change. > > I totally understand -- but keep in mind that this was in response to > someone flagging this as a potential (if highly unlikely) secur

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-12 Thread David Golden
On Wed, Nov 12, 2008 at 3:17 PM, demerphq <[EMAIL PROTECTED]> wrote: > I rather strongly object to this change. I totally understand -- but keep in mind that this was in response to someone flagging this as a potential (if highly unlikely) security hole, forwarding it to some security-watchdog sit

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-11-12 Thread demerphq
2008/10/1 Andreas J. Koenig <[EMAIL PROTECTED]>: >> On Tue, 30 Sep 2008 17:11:00 -0500, Jonathan Rockway <[EMAIL PROTECTED]> >> said: > > >> Anyway, I think the average CPAN author doesn't > >> really know or care about that, sadly. > >> See also > > > FWIW, this is true. I have never

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-10-01 Thread Andreas J. Koenig
> On Tue, 30 Sep 2008 17:11:00 -0500, Jonathan Rockway <[EMAIL PROTECTED]> > said: >> Anyway, I think the average CPAN author doesn't >> really know or care about that, sadly. >> See also > FWIW, this is true. I have never thought about it. > Personally, I am confused as to why

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-09-30 Thread Jonathan Rockway
* On Sun, Sep 28 2008, Cosimo Streppone wrote: > Hi! > > I don't know if I really understand the entire > "world-writable files" security hole. > > Anyway, I think the average CPAN author doesn't > really know or care about that, sadly. > See also FWIW, this is true. I have never thought about it

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-09-30 Thread Shlomi Fish
On Monday 29 September 2008, Aristotle Pagaltzis wrote: > * Cosimo Streppone <[EMAIL PROTECTED]> [2008-09-29 02:10]: > > but it seems that gnu tar doesn't like the following: > > > > $ tar --mode=0755 cvf blah.tar somedir > > $ tar c --mode=0755 vf blah.tar somedir > > > > and will only accept:

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-09-30 Thread Cosimo Streppone
On Tue, 30 Sep 2008 04:05:51 +0200, Michael G Schwern <[EMAIL PROTECTED]> wrote: Aristotle Pagaltzis wrote: [...] The idea was to relieve Windows users from having to hack their tar before they can use EU::MM to bake distros that the CPAN indexer will not reject. Allow me to clarify.

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-09-29 Thread Michael G Schwern
Aristotle Pagaltzis wrote: > * Michael G Schwern <[EMAIL PROTECTED]> [2008-09-29 16:35]: >> Aristotle Pagaltzis wrote: >>> * Michael G Schwern <[EMAIL PROTECTED]> [2008-09-29 14:50]: MakeMaker can set a minimum umask if it wants to play security nanny >>> On Windows? >> Windows, as always

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-09-29 Thread Aristotle Pagaltzis
* Michael G Schwern <[EMAIL PROTECTED]> [2008-09-29 16:35]: > Aristotle Pagaltzis wrote: > > * Michael G Schwern <[EMAIL PROTECTED]> [2008-09-29 14:50]: > >> MakeMaker can set a minimum umask if it wants to play > >> security nanny > > > > On Windows? > > Windows, as always, is a "special" case.

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-09-29 Thread Michael G Schwern
Aristotle Pagaltzis wrote: > * Michael G Schwern <[EMAIL PROTECTED]> [2008-09-29 14:50]: >> MakeMaker can set a minimum umask if it wants to play security >> nanny > > On Windows? Windows, as always, is a "special" case. If a work around is necessary for Windows that's fine. -- Hating the web

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-09-29 Thread David Cantrell
On Sun, Sep 28, 2008 at 10:14:10PM +0200, Cosimo Streppone wrote: > Could this work? No, because --mode is a GNUism. If you make that the default then it will break for everyone who doesn't use GNU tar. Having EU::MM try to use that flag when it's supported is a good idea though. Probably bett

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-09-29 Thread Aristotle Pagaltzis
* Michael G Schwern <[EMAIL PROTECTED]> [2008-09-29 14:50]: > MakeMaker can set a minimum umask if it wants to play security > nanny On Windows? Regards, -- Aristotle Pagaltzis //

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-09-29 Thread Michael G Schwern
Aristotle Pagaltzis wrote: > * Cosimo Streppone <[EMAIL PROTECTED]> [2008-09-29 02:10]: >> but it seems that gnu tar doesn't like the following: >> >> $ tar --mode=0755 cvf blah.tar somedir >> $ tar c --mode=0755 vf blah.tar somedir >> >> and will only accept: >> >> $ tar cvf blah.tar --mode=

Re: [PATCH] ExtUtils::MakeMaker and world writable files in dists

2008-09-28 Thread Aristotle Pagaltzis
* Cosimo Streppone <[EMAIL PROTECTED]> [2008-09-29 02:10]: > but it seems that gnu tar doesn't like the following: > > $ tar --mode=0755 cvf blah.tar somedir > $ tar c --mode=0755 vf blah.tar somedir > > and will only accept: > > $ tar cvf blah.tar --mode=0755 somedir > > Could this work? GN