[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 15 Jan 2014 11:01:39 +0000
From: Laurent Bercot <ska-dietlibc@...rnet.org>
To: musl@...ts.openwall.com
Subject: Re: install.sh is wrong with libc.so
> umask 077
> cat < lib/libc.so > /lib/libc.so.tmp.pid # /lib/libc.so.tmp.pid is created with mode 600
> mv -f /lib/libc.so.tmp.pid /lib/libc.so
> chmod 755 /lib/libc.so # failed with "Permission denied"
Very funny bug ^^
I'm curious of the thought process behind that code:
- why cat instead of cp ? I guess it's to avoid the implementation-defined behaviour
of cp wrt. rights of the destination file, whereas >'s behaviour is guaranteed.
- but an explicit chmod is needed anyway.
- why perform the chmod after the mv, since mv is guaranteed to be a rename() in that
case, the rights will be preserved ? Is there a possibility of someone abusing the
temp file if it is 0755, knowing it is owned by root anyway ?
chmoding the temp file before the mv -f, instead of /lib/libc.so at the end, looks
like the obvious and simplest fix, but I'm wondering whether I missed something.
--
Laurent
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
