On Wed, Mar 14, 2007 at 03:07:30PM +0100, Till Maas wrote:
> On Mi März 14 2007, Axel Thimm wrote:
>
> > Yes, once, but in the right time window, which is when between when the
> > scriplet is written to disk and being executed. So the attacker has to win
> > two races, not only one, and the grep itself and subsequent text parsing
> > takes more time than the script's rm/mkdir.
>
> In the rpm-tmp files I have on my system, there is not only the install part
> in the file, but also the build part. So I assume that after the file is
> created and the attackers knows the buildroot, he has all the time
> until %build is finished, to prepare the race betwenn rm/mkdir in %install.
Ouch! Another reason why %build even knowing where %{buildroot} is, is
bad.
So, indeed we need to fix this somehow (e.g. the rm/mkdir
suggestion). Very nice thinking!
--
Axel.Thimm at ATrpms.net
Attachment:
pgpqFCkkm8biw.pgp
Description: PGP signature
-- Fedora-packaging mailing list Fedora-packaging@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-packaging
