[Fedora-packaging] Re: buildroot race condition
Axel Thimm
Axel.Thimm at ATrpms.net
Wed Mar 14 15:23:41 UTC 2007
On Wed, Mar 14, 2007 at 03:07:30PM +0100, Till Maas wrote:
> On Mi März 14 2007, Axel Thimm wrote:
>
> > Yes, once, but in the right time window, which is when between when the
> > scriplet is written to disk and being executed. So the attacker has to win
> > two races, not only one, and the grep itself and subsequent text parsing
> > takes more time than the script's rm/mkdir.
>
> In the rpm-tmp files I have on my system, there is not only the install part
> in the file, but also the build part. So I assume that after the file is
> created and the attackers knows the buildroot, he has all the time
> until %build is finished, to prepare the race betwenn rm/mkdir in %install.
Ouch! Another reason why %build even knowing where %{buildroot} is, is
bad.
So, indeed we need to fix this somehow (e.g. the rm/mkdir
suggestion). Very nice thinking!
--
Axel.Thimm at ATrpms.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-packaging/attachments/20070314/58ed956b/attachment.sig>
More information about the Fedora-packaging
mailing list