Bug#789404: pbuilder: insecure use of /tmp

Thorsten Glaser tg at mirbsd.de
Sun Aug 9 21:05:12 UTC 2015


Jakub Wilk dixit:

> And there's DoS aspect: local user could stuff chroot's /tmp with garbage,
> which pbuilder then will have to compress and later decompress on every build.

Meh, it's probably trivial to let it create the chroot inside
a temporary directory other users may not traverse.

The current “let's move the build dir” stinks much more, why
not pre-create /tmp/build in the chroot to be writable only
to the buildd user?

bye,
//mirabilos
-- 
<diogenese> Beware of ritual lest you forget the meaning behind it.
<igli> yeah but it means if you really care about something, don't
    ritualise it, or you will lose it. don't fetishise it, don't
    obsess. or you'll forget why you love it in the first place.



More information about the Pbuilder-maint mailing list