Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 30 Dec 2005 12:47:51 +0000
From:      Matthew Seaman <m.seaman@infracaninophile.co.uk>
To:        "Simon L. Nielsen" <simon@freebsd.org>
Cc:        =?ISO-8859-15?Q?Dag-Erling_Sm=F8rgrav?= <des@des.no>, freebsd-current@freebsd.org, =?ISO-8859-15?Q?=C1d=E1m_Szilveszter?= <adamsz@mailpont.hu>
Subject:   Re: fetch extension - use local filename from content-disposition header
Message-ID:  <43B52C77.2010405@infracaninophile.co.uk>
In-Reply-To: <20051230100234.GA855@zaphod.nitro.dk>
References:  <20051229193328.A13367@cons.org>	<20051230021602.GA9026@pit.databus.com>	<43B498DF.4050204@cyberwang.net> <43B49B22.7040307@gmail.com>	<20051229220403.A16743@cons.org>	<20051230053906.GA75942@pit.databus.com>	<2440.193.68.33.1.1135932286.squirrel@193.68.33.1>	<86irt7dk5k.fsf@xps.des.no>	<43B4FFB2.4090203@infracaninophile.co.uk> <20051230100234.GA855@zaphod.nitro.dk>

next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigE5BA6BC8618647749D12E3E0
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: quoted-printable

Simon L. Nielsen wrote:
> On 2005.12.30 09:36:50 +0000, Matthew Seaman wrote:
>=20
>>Dag-Erling Sm=F8rgrav wrote:
>>
>>>Wrong.  If you go into a ports directory and type 'make install clean'=

>>>as an unprivileged user, the only parts of the build that actually run=

>>>with root privileges are the final portions of the installation
>>>sequence.
>>
>>Not if you, as a naive user, take a freshly installed system and an
>>unmodified environment.  You'll need to make a bunch of changes
>>before everything will run smoothly:
>>
>>  * Make /usr/ports/distfiles writable by user or set $DISTDIR to
>>    a writable directory
>>  * Make /var/db/ports writable by user or set $PORT_DBDIR to a=20
>>    writable location
>>  * Make each port directory writable -- so the the 'work' directories
>>    can be created -- or set $WRKDIRPREFIX to a writable location.
>=20
>=20
> It should of cause be mentioned that by doing this you have now made
> it possible for "user" to gain root privileges.  This might not a
> problem in many cases, but people should be aware of it.

'user' would have to know the root password already in order to be
able to install stuff.  Is this scheme better or worse than having
root do all the fetching and compiling? =20

I guess making the ports directories writable is the big no-no here.
That means for instance, an ill-intentioned person could spoof you into
installing software with a backdoor in it, seeing as they could download
a trojanned distfile and also tweak the checksums in the port distinfo.
Although I suppose being able to inject arbitrary code into make(1) by
fiddling with the files under /var/db/ports is pretty bad too.

	Cheers,

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                       7 Priory Courtyard
                                                      Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey         Ramsgate
                                                      Kent, CT11 9PW


--------------enigE5BA6BC8618647749D12E3E0
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDtSx98Mjk52CukIwRA6BeAJ9eLTOe3OsHH7oSZdbeuRftmlxBPgCfUlI1
5dqkZr4MBmNyOPipcYkjW/A=
=NphW
-----END PGP SIGNATURE-----

--------------enigE5BA6BC8618647749D12E3E0--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43B52C77.2010405>