From owner-freebsd-ports Thu Jul 29 15: 0:45 1999
Delivered-To: freebsd-ports@freebsd.org
Received: from dfw-ix3.ix.netcom.com (dfw-ix3.ix.netcom.com [206.214.98.3]) by hub.freebsd.org (Postfix) with ESMTP id 0F834151AC for ; Thu, 29 Jul 1999 15:00:37 -0700 (PDT) (envelope-from asami@cs.berkeley.edu)
Received: (from smap@localhost) by dfw-ix3.ix.netcom.com (8.8.4/8.8.4) id QAA03404; Thu, 29 Jul 1999 16:58:32 -0500 (CDT)
Received: from sji-ca13-87.ix.netcom.com(209.109.238.87) by dfw-ix3.ix.netcom.com via smap (V1.3) id rma003388; Thu Jul 29 16:58:29 1999
Received: (from asami@localhost) by silvia.hip.berkeley.edu (8.9.3/8.6.9) id OAA50528; Thu, 29 Jul 1999 14:58:18 -0700 (PDT)
Date: Thu, 29 Jul 1999 14:58:18 -0700 (PDT)
Message-Id: <199907292158.OAA50528@silvia.hip.berkeley.edu>
X-Authentication-Warning: silvia.hip.berkeley.edu: asami set sender to asami@cs.berkeley.edu using -f
To: zaks@prioris.im.pw.edu.pl
Cc: freebsd-ports@freebsd.org
In-reply-to: <19990729161457.A727@prioris.im.pw.edu.pl> (message from Slawek Zak on Thu, 29 Jul 1999 16:14:57 +0200)
Subject: Re: Extracted files' permissions
From: asami@freebsd.org (Satoshi - Ports Wraith - Asami)
References: <19990729161457.A727@prioris.im.pw.edu.pl>
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

 * From: Slawek Zak

 * When I lately extracted some packages, I have noticed that owners of
 * the files and directories are random (try make extract lang/lua or
 * lang/erlang) These UIDs may or may not exist on your system. If they
 * do, the files can be easily overwritten by malicious user and lead to
 * compromise of the system.

I just checked, lua has root:wheel but the erlang_base package indeed has a bunch of files owned by 325:10.

 * So my question is if it should be treated as bug, and reported to the
 * packager, or maybe there should be an additional step in extracting
 * these files, in which the owner would be changed to 0:0.
 *
 * Of course the easiest solution would be chmod og= /usr/ports :)

There could be some things that can only be fixed by the maintainer. For instance, if the port is extracting a zip file directly into the installation directory, no automated chmod in ${WRKDIR} is going to help us. Also, it is somewhat dangerous to change the ownerships in ${WRKDIR} blindly since there might be a set-uid-games executable in there.

That said, what about something like the following? At least that will cover the case where the port is doing a tar | tar from ${WRKDIR} into the installation dir. Ports that absolutely need the ownership to be preserved can set EXTRACT_PRESERVE_OWNERSHIP.

-PW

=======
Index: bsd.port.mk =================================================================== RCS file: /usr/cvs/ports/Mk/bsd.port.mk,v retrieving revision 1.315 diff -u -r1.315 bsd.port.mk --- bsd.port.mk 1999/07/23 09:36:54 1.315 +++ bsd.port.mk 1999/07/29 21:49:09 @@ -824,6 +824,8 @@ AWK?= /usr/bin/awk BASENAME?= /usr/bin/basename CAT?= /bin/cat +CHMOD?= /bin/chmod +CHOWN?= /usr/sbin/chown CP?= /bin/cp ECHO?= /bin/echo EXPR?= /bin/expr ################################################################ # The following are used to create easy dummy targets for
@@ -1469,6 +1475,12 @@ exit 1; \ fi \ done +.if !defined(EXTRACT_PRESERVE_OWNERSHIP) + @if [ `id -u` = 0 ]; then \ + ${CHMOD} -R ug-s ${WRKDIR}; \ + ${CHOWN} -R 0:0 ${WRKDIR}; \ + fi +.endif .endif # Patch
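
Review bot: In the second hunk (@@ -1469,6 +1475,12 @@), the single `.if !defined(EXTRACT_PRESERVE_OWNERSHIP)` guard skips both the `${CHMOD} -R ug-s ${WRKDIR}` and the `${CHOWN} -R 0:0 ${WRKDIR}` lines, so a port that sets the knob only to keep ownership also keeps every set-uid/set-gid bit the archive carried, on files owned by whatever UIDs the archive recorded. Consider guarding the two commands separately, or at least naming and documenting the knob so maintainers know it disables the set-id stripping as well; nothing in the visible diff adds it to the file's variable documentation. Two smaller points: it is worth confirming that the recursive `${CHOWN}` acts on symbolic links found in ${WRKDIR} rather than on their targets, and `id` is called bare here while the first hunk introduces `CHMOD?=` and `CHOWN?=` path variables for the other tools.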
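
To see which entries of an extracted tree the concern in this thread applies to, the following read-only audit lists everything not owned by 0:0 or carrying a set-uid/set-gid bit, and says whether each owning UID maps to a local account. It is an added example, not part of the original message or of bsd.port.mk; the function name `audit_extracted` and the `PASSWD_FILE` override are hypothetical.

```shell
#!/bin/sh
# Added example, not part of the original message or of bsd.port.mk.
# audit_extracted DIR [UID] [GID]   (hypothetical helper name)
# Read-only: lists every entry under DIR that is not owned by UID:GID
# (default 0:0) or that carries a set-uid/set-gid bit, i.e. what a
# post-extract chmod/chown pass would touch. PASSWD_FILE is an assumed
# override for the account file, used to tell whether an archive UID
# maps to a local account. File names containing newlines are not handled.
audit_extracted() {
    dir=$1 want_uid=${2:-0} want_gid=${3:-0}
    passwd=${PASSWD_FILE:-/etc/passwd}
    # find does not follow symbolic links by default, so a link is
    # reported as itself and never dereferenced.
    find "$dir" \( ! -user "$want_uid" -o ! -group "$want_gid" \
            -o -perm -4000 -o -perm -2000 \) -print |
    while IFS= read -r f; do
        ls -ldn "$f" | {
            # ls -n fields: 1 = mode, 3 = numeric uid, 4 = numeric gid
            read -r mode links uid gid rest
            note=
            case $mode in
                ???[sS]*|??????[sS]*) note=" set-id" ;;
            esac
            if awk -F: -v u="$uid" '$3 == u { hit = 1 } END { exit !hit }' "$passwd"
            then acct=local-account
            else acct=no-account
            fi
            printf '%s %s:%s %s%s %s\n' "$mode" "$uid" "$gid" "$acct" "$note" "$f"
        }
    done
}

# Usage: sh audit.sh WRKDIR
if [ "$#" -gt 0 ]; then audit_extracted "$@"; fi
```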