On Tue, Mar 13, 2007 at 10:48:55PM +0100, Till Maas wrote: > On Di März 13 2007, Axel Thimm wrote: > > > The race between two rm/mkdir are about 50%. If you add a grep into > > one of them the balance will be strongly shifted in our favour, just > > try it. > > The grep needs only to be performed once before the race to "guess" the > buildroot. Yes, once, but in the right time window, which is when between when the scriplet is written to disk and being executed. So the attacker has to win two races, not only one, and the grep itself and subsequent text parsing takes more time than the script's rm/mkdir. But this is all academic, try an attack and check the success rates, I'm sure they will be very low in the mktemp BuildRoot, even if you write the grep/sed stuff in C. But they will be zero if we handle the race in the specfile, I'm not trying to play the true issue down. -- Axel.Thimm at ATrpms.net
Attachment:
pgprZywYL8zRn.pgp
Description: PGP signature
-- Fedora-packaging mailing list Fedora-packaging@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-packaging
