Re: World writable tarballs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Sun, Apr 30, 2006 at 09:15:01AM +0000, Heikki Orsila wrote:
> On Sun, Apr 30, 2006 at 01:48:12AM +0100, Alistair John Strachan wrote:
> > There's no need to repeatedly discuss it.
> I think there is. Sorry for wasting bandwidth.
> It's a big security hole deliberately caused by the kernel people (files
> in the tar ball have og+w, so it's not problem in roots umask or tar).
> Real security needs _simplicity_ but current file modes require
> unnecessary _tricks_ for admins. There should be nothing against
> untarring files as root. In this case it makes sense too, because only
> the tar balls are crypto signed, not the individual files inside the tar
> ball, so root can conveniently just verify the crypto signature and
> untar the file without any race conditions or trusting other users. The
> only real alternative is to create an _unnecessary_ trusted user to do
> tar ball handling.
> PS. this file permission bug almost bit me. People make errors and this
> one is potentially a big privilege escalation, because it potentially
> turns normal application bugs into root privileges.

Although I don't like finding world-writable files in tar archives, I
think you're exagerating a bit. First, you're not turning normal bugs
into root privileges, and second, you don't need to create a user just
for this, you just have to extract it in a directory that other users
cannot access (chmod o-x).

Also, you'll find several other software on the net with full rights,
so if this really is a concern to you, you'd better get used to this
with simple and reliable solutions (ntp comes to mind).

> Heikki Orsila                   Barbie's law:
> [email protected]            "Math is hard, let's go shopping!"


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at
Please read the FAQ at

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux