1. Forum
  2. Usenet
  3. LINUX.GENTOO.DEV

  • Re: [gentoo-dev] [PATCH] savedconfig.eclass: do not preserve symlink in

    From Mike Gilbert@21:1/5 to [email protected] on Sun Jun 4 20:10:01 2023
    On Sun, Jun 4, 2023 at 2:03 PM Michael Orlitzky <[email protected]> wrote:

    On Sun, 2023-06-04 at 13:31 -0400, Mike Gilbert wrote:
    This allows users to maintain the saved config file in some other
    location.


    If so, the symlink should point to a superuser-only location to avoid creating any new vulnerabilities. We can't fix the general problem, but
    we could at least mention in the docs that symlinks will (now) be
    followed and that users should be careful if they want to maintain the
    files elsewhere.

    That seems self-evident to me, and I don't think it warrants a callout
    in the documentation.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Michael Orlitzky@21:1/5 to Mike Gilbert on Sun Jun 4 20:10:01 2023
    On Sun, 2023-06-04 at 13:31 -0400, Mike Gilbert wrote:
    This allows users to maintain the saved config file in some other
    location.


    If so, the symlink should point to a superuser-only location to avoid
    creating any new vulnerabilities. We can't fix the general problem, but
    we could at least mention in the docs that symlinks will (now) be
    followed and that users should be careful if they want to maintain the
    files elsewhere.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Arsen =?utf-8?Q?Arsenovi=C4=87?=@21:1/5 to Michael Orlitzky on Sun Jun 4 21:00:01 2023
    Michael Orlitzky <[email protected]> writes:

    If so, the symlink should point to a superuser-only location to avoid creating any new vulnerabilities. We can't fix the general problem, but
    we could at least mention in the docs that symlinks will (now) be
    followed and that users should be careful if they want to maintain the
    files elsewhere.

    I believe that the target directory of this cp can be considered
    equivalent in terms of access to any superuser-only directory, so I'm
    not sure I see the problem with this change.

    LGTM
    --
    Arsen Arsenović

    --=-=-Content-Type: application/pgp-signature; name="signature.asc"

    -----BEGIN PGP SIGNATURE-----

    iOcEARYKAI8WIQT+4rPRE/wAoxYtYGFSwpQwHqLEkwUCZHzdx18UgAAAAAAuAChp c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0RkVF MkIzRDExM0ZDMDBBMzE2MkQ2MDYxNTJDMjk0MzAxRUEyQzQ5MxEcYXJzZW5AZ2Vu dG9vLm9yZwAKCRBSwpQwHqLEk2RaAQCLs1vRBqwSfhREOfKZplnXVU/vovdA+roP b4iW+BbdxAD+OatfkdrrCNOAyTp79/bJwWS7n8Qo/5V85hTfiGhfGw4=2hUo
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Michael Orlitzky@21:1/5 to All on Mon Jun 5 02:00:01 2023
    On Sun, 2023-06-04 at 20:46 +0200, Arsen Arsenović wrote:

    I believe that the target directory of this cp can be considered
    equivalent in terms of access to any superuser-only directory, so I'm
    not sure I see the problem with this change.

    It silently changes something that was safe (but stupid) to something
    unsafe (but still stupid).

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)