[Buildd-tools-devel] Bug#476332: Bug#476332: Bug#476332: schroot: Fails mysteriously when /etc/schroot/schroot.conf is a symlink
Roger Leigh
rleigh at whinlatter.ukfsn.org
Sun Apr 20 22:38:05 UTC 2008
tags 476332 + fixed-upstream pending
thanks
Timothy G Abbott <tabbott at MIT.EDU> writes:
> The discussion of O_NOFOLLOW in the following might be helpful:
>
> http://www.linux-knowledge-portal.org/en/content.php?&content/programming/secprog2.html
>
> Most attacks that O_NOFOLLOW prevents can be executed with hard
> links; I believe the only exceptions are those in which the object
> being opened is a directory or other object that cannot be hard
> linked, and only then when the symlink is in the last component of
> the directory name. Consequently, I believe O_NOFOLLOW is intended
> for programs like find, and is not useful for much else.
>
> Correct me if I'm wrong, but I believe schroot only reads
> configuration files from within /etc/, so it should not be
> vulnerable to the typical race condition attacks that O_NOFOLLOW is
> trying to prevent.
I think this makes sense, and I have removed O_NOFOLLOW from the open(2)
call. This will be in the next schroot upload, hopefully soon (time
permitting). If you want to get a fixed version right now, you can
check out the git repository
% git clone git://git.debian.org/git/buildd-tools/schroot.git schroot
This fix is on both the master and schroot-1.2 (stable for Lenny)
branches.
Regards,
Roger
--
.''`. Roger Leigh
: :' : Debian GNU/Linux http://people.debian.org/~rleigh/
`. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/
`- GPG Public Key: 0x25BFB848 Please GPG sign your mail.
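The behaviour the thread relies on, shown in code. This is an added example, not schroot's code and not from the Debian bug: it builds a throwaway directory under /tmp (a constructed fixture, assumed writable) containing a regular file, a symlink to it, a hard link to it, and a symlink to a directory, then opens each path with O_NOFOLLOW. It confirms the three claims above: O_NOFOLLOW only rejects a symlink in the final path component (ELOOP), a symlink earlier in the path is still followed, and a hard link to the same inode is opened without complaint. The st_nlink check after the open is an added caveat beyond what the thread says: it is the one signal O_NOFOLLOW leaves you for the hard-link case, and it only helps if the file is expected to have exactly one link. The struct and function names are the example's own.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* Outcome of open(2) with O_NOFOLLOW for each kind of path: 0 = opened, else errno. */
struct nofollow_results {
    int regular;            /* plain file: opens */
    int symlink;            /* symlink as the final component: ELOOP */
    int hardlink;           /* hard link to the same inode: opens, O_NOFOLLOW cannot tell */
    int via_symlinked_dir;  /* symlink in a non-final component: followed, opens */
    nlink_t hardlink_nlink; /* st_nlink seen through the hard link: 2, the only hint left */
};

/* Open with O_NOFOLLOW; return 0 on success or the errno. Optionally report st_nlink. */
static int try_nofollow(const char *path, nlink_t *nlink)
{
    int fd = open(path, O_RDONLY | O_NOFOLLOW);
    if (fd < 0)
        return errno;
    if (nlink) {
        struct stat st;
        *nlink = (fstat(fd, &st) == 0) ? st.st_nlink : 0;
    }
    close(fd);
    return 0;
}

/* Build a scratch directory (constructed fixture, not a real config directory):
 *   target          regular file
 *   sym -> target   symlink in the final component
 *   hard            hard link to target
 *   sub -> .        symlink to a directory, so sub/target has a symlink mid-path
 * Fill *r with the open() outcomes, remove everything, return 0 on success. */
int run_nofollow_demo(struct nofollow_results *r)
{
    char dir[] = "/tmp/nofollow-demo-XXXXXX";  /* assumes /tmp is writable */
    if (mkdtemp(dir) == NULL)
        return -1;

    char target[PATH_MAX], sym[PATH_MAX], hard[PATH_MAX], sub[PATH_MAX], via[PATH_MAX];
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(sym, sizeof sym, "%s/sym", dir);
    snprintf(hard, sizeof hard, "%s/hard", dir);
    snprintf(sub, sizeof sub, "%s/sub", dir);
    snprintf(via, sizeof via, "%s/sub/target", dir);

    int rc = -1;
    int fd = open(target, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0)
        goto out;
    close(fd);
    if (symlink("target", sym) != 0 || link(target, hard) != 0 || symlink(".", sub) != 0)
        goto out;

    r->regular = try_nofollow(target, NULL);
    r->symlink = try_nofollow(sym, NULL);
    r->hardlink = try_nofollow(hard, &r->hardlink_nlink);
    r->via_symlinked_dir = try_nofollow(via, NULL);
    rc = 0;
out:
    unlink(sym); unlink(hard); unlink(sub); unlink(target); rmdir(dir);
    return rc;
}

int main(void)
{
    struct nofollow_results r;
    if (run_nofollow_demo(&r) != 0) {
        perror("fixture");
        return 1;
    }
    printf("regular file:              %s\n", r.regular ? strerror(r.regular) : "opened");
    printf("symlink, final component:  %s\n", r.symlink ? strerror(r.symlink) : "opened");
    printf("hard link:                 %s (st_nlink=%lu)\n",
           r.hardlink ? strerror(r.hardlink) : "opened", (unsigned long)r.hardlink_nlink);
    printf("symlink in dir component:  %s\n",
           r.via_symlinked_dir ? strerror(r.via_symlinked_dir) : "opened");
    return 0;
}
```

Build with `cc -o nofollow-demo nofollow-demo.c` and run it; the symlink case is the only one that fails, with ELOOP. The hard link opens the same inode as target, and the only trace is st_nlink being 2 rather than 1, which is why the thread's conclusion (O_NOFOLLOW is of little use for a file like /etc/schroot/schroot.conf that only root can link to) holds.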