From owner-freebsd-ports-bugs@FreeBSD.ORG Sun Dec 4 14:20:09 2011 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3EA0F1065672 for ; Sun, 4 Dec 2011 14:20:09 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 1B36C8FC13 for ; Sun, 4 Dec 2011 14:20:09 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id pB4EK8Re093242 for ; Sun, 4 Dec 2011 14:20:08 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id pB4EK8fT093241; Sun, 4 Dec 2011 14:20:08 GMT (envelope-from gnats) Resent-Date: Sun, 4 Dec 2011 14:20:08 GMT Resent-Message-Id: <201112041420.pB4EK8fT093241@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Chris Rees Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D7999106566B for ; Sun, 4 Dec 2011 14:10:26 +0000 (UTC) (envelope-from crees@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id AD3778FC1C for ; Sun, 4 Dec 2011 14:10:26 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id pB4EAQva083240 for ; Sun, 4 Dec 2011 14:10:26 GMT (envelope-from crees@freefall.freebsd.org) Received: (from crees@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id pB4EAQi5083232; Sun, 4 Dec 2011 14:10:26 GMT (envelope-from crees) Message-Id: <201112041410.pB4EAQi5083232@freefall.freebsd.org> Date: Sun, 4 Dec 2011 14:10:26 GMT From: Chris Rees To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: ports/163059: Portbuild: Drop privileges for extract/patch/build phases X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Chris Rees List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 Dec 2011 14:20:09 -0000 >Number: 163059 >Category: ports >Synopsis: Portbuild: Drop privileges for extract/patch/build phases >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sun Dec 04 14:20:08 UTC 2011 >Closed-Date: >Last-Modified: >Originator: Chris Rees >Release: FreeBSD 8.2-STABLE i386 >Organization: >Environment: System: FreeBSD freefall.freebsd.org 8.2-STABLE FreeBSD 8.2-STABLE #5 r227907: Wed Nov 23 21:55:50 UTC 2011 simon@freefall.freebsd.org:/usr/obj/usr/src/sys/FREEFALL i386 >Description: As discussed at [1] and with portmgr, here's a patch to portbuild to drop privileges for most stages except install. It's hardcoded, but since the rest of the file is too I don't see any way to get around this :) If I can get confirmation that this would be acceptable / perhaps even get a list of broken ports with it that'd be wonderful, (whenever!). I'm aware one portmgr was interested, although I think right now he's unable to commit much time. [1] http://marcuscom.com/pipermail/tinderbox-list/2011-June/002161.html >How-To-Repeat: >Fix: --- portbuild-su-patch.diff begins here --- Index: buildscript =================================================================== --- buildscript (revision 228258) +++ buildscript (working copy) @@ -193,6 +193,9 @@ echo "prefixes: LOCALBASE=${L}" + # Nobody isn't allowed to create WRKDIRPREFIX, so we do it for him + /usr/bin/install -d -o nobody -m755 /work + # Stash a copy of /etc/master.passwd and /etc/group to detect whether someone modifies it cp /etc/master.passwd /etc/master.passwd-save cp /etc/group /etc/group-save @@ -241,7 +244,8 @@ add_pkg ${ED} cd $dir - /pnohang ${BUILD_TIMEOUT} /tmp/make.log2 ${pkgname} make extract || cleanup 2 + su -m nobody -c "/pnohang ${BUILD_TIMEOUT} /tmp/make.log2 ${pkgname} \ + make extract" || cleanup 2 cat /tmp/make.log2 del_pkg ${ED} @@ -254,7 +258,8 @@ echo "========================================" add_pkg ${PD} cd $dir - /pnohang ${BUILD_TIMEOUT} /tmp/make.log3 ${pkgname} make patch || cleanup 3 + su -m nobody -c "/pnohang ${BUILD_TIMEOUT} /tmp/make.log3 ${pkgname} \ + make patch" || cleanup 3 cat /tmp/make.log3 del_pkg ${PD} @@ -295,7 +300,8 @@ fi cd $dir - /pnohang ${BUILD_TIMEOUT} /tmp/make.log4 ${pkgname} make build || cleanup 4 + su -m nobody -c "/pnohang ${BUILD_TIMEOUT} /tmp/make.log4 ${pkgname} \ + make build" || cleanup 4 cat /tmp/make.log4 echo "================================================================" --- portbuild-su-patch.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted: