Date: Wed, 16 Jan 2008 08:49:01 +0200 From: Giorgos Keramidas <keramida@freebsd.org> To: freebsd-ports@freebsd.org Subject: FW: ports/116222: editors/emacs: files installed with wrong owner Message-ID: <20080116064901.GA63469@kobe.laptop>
next in thread | raw e-mail | index | archive | help
Hi ports fellows, As part of the investigation for ports/116222 we found that installing a port after a plain `su' may install files with the wrong uid:gid. As you can see from the snippets quoted below from the PR trail, the problem goes away if one uses `su -' to install ports. % Date: Sun, 9 Sep 2007 08:32:57 GMT % Message-Id: <200709090832.l898WvHW053413@www.freebsd.org> % From: Nate Eldredge <neldredge@ucsd.edu> % Subject: ports/116222: editors/emacs: files installed with wrong owner % To: freebsd-gnats-submit@FreeBSD.org % % >Number: 116222 % >Category: ports % >Synopsis: editors/emacs: files installed with wrong owner % [...] % # ls -l /usr/local/share/emacs/22.1/ % total 22 % drwxr-xr-x 5 nate wheel 3072 Sep 9 01:19 etc % drwxr-xr-x 4 root wheel 512 Sep 9 01:19 leim % drwxr-xr-x 20 nate wheel 12800 Sep 9 01:19 lisp % drwxr-xr-x 2 root wheel 512 Sep 9 01:19 site-lisp % % The contents of etc/ and lisp/ are likewise owned by nate. % % You might consider this a security problem, since now "nate" can tweak % the lisp files and cause everyones' emacs to do funny things. Of course % in this case, "nate" was able to su to root anyway, but you could % imagine scenarios where this isn't the case. % From: Giorgos Keramidas <keramida@freebsd.org> % To: Nate Eldredge <neldredge@ucsd.edu> % Cc: freebsd-gnats-submit@freebsd.org % Subject: ports/116222: Re: ports/116222: editors/emacs: files installed with wrong owner % Date: Thu, 27 Sep 2007 19:14:43 +0300 % % Can you try using "su -" to install the port? There's nothing special % about editors/emacs in the way the files are copied to `/usr/local', but % it uses tar(1) to copy files in `/usr/local'. This means that when the % files are copied, tar(1) tries to preserve the owner and/or group of the % original files. % From: Nate Eldredge <neldredge@math.ucsd.edu> % To: Giorgos Keramidas <keramida@freebsd.org> % Cc: freebsd-gnats-submit@freebsd.org % Subject: ports/116222: Re: ports/116222: editors/emacs: files installed with wrong owner % Date: Thu, 27 Sep 2007 11:10:16 -0700 (PDT) % % That fixes it, but I agree it should not be necessary. % Thanks for looking at this. Is there any way to make sure this does not happen, or do we generally suggest installing ports only from `su -' sessions? The real question about the PR is, should editors/emacs and emacs-devel be patched to install the files with the correct permissions, or is this something we don't really care to install as a workaround? - Giorgos
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080116064901.GA63469>