Fri, Nov 26 2004
05:49:27
|
|
Request created by jidanni@jidanni.org
|
|
Return-Path |
<jidanni@jidanni.org>
|
Delivered-To |
grass-bugs@lists.intevation.de
|
To |
grass-bugs@intevation.de
|
Subject |
secure the snapshot file owner
|
From |
Dan Jacobson <jidanni@jidanni.org>
|
Date |
Fri, 26 Nov 2004 06:33:56 +0800
|
Message-ID |
<87k6s95zjf.fsf@jidanni.org>
|
MIME-Version |
1.0
|
Content-Type |
text/plain; charset=us-ascii
|
X-Spam-Status |
No, hits=-4.2 tagged_above=-999.0 required=3.0 tests=BAYES_00, DATE_IN_PAST_06_12
|
X-Spam-Level |
|
Installing the snapshot as root creates files owned by mystery user 1338.
|
|
Fri, Nov 26 2004
15:16:17
|
|
Mail sent by mneteler
|
|
The user id for the binary snapshot is not very mysterious:
grass.itc.it
grep neteler /etc/passwd
neteler:x:1338:1000:Markus Neteler...
Any problems with that?
Markus |
|
Fri, Nov 26 2004
22:12:14
|
|
Mail sent by jidanni@jidanni.org
|
|
Return-Path |
<jidanni@jidanni.org>
|
Delivered-To |
grass-bugs@lists.intevation.de
|
To |
Markus Neteler via RT <grass-bugs@intevation.de>
|
Subject |
Re: [bug #2720] (grass) secure the snapshot file owner
|
References |
<20041126141617.717A4100168@lists.intevation.de>
|
From |
Dan Jacobson <jidanni@jidanni.org>
|
Date |
Sat, 27 Nov 2004 05:12:04 +0800
|
Message-ID |
<87ekig48nv.fsf@jidanni.org>
|
MIME-Version |
1.0
|
Content-Type |
text/plain; charset=us-ascii
|
X-Spam-Status |
No, hits=-4.9 tagged_above=-999.0 required=3.0 tests=BAYES_00
|
X-Spam-Level |
|
H> The user id for the binary snapshot is not very mysterious:
Well it just happens to me J. Malicious User here. Be more secure.
|
|
Mon, Nov 29 2004
15:03:43
|
|
Mail sent by mneteler
|
|
How to be more secure?
Such statements are not very helful (to me). |
|
Tue, Nov 30 2004
00:51:42
|
|
Mail sent by jidanni@jidanni.org
|
|
Return-Path |
<jidanni@jidanni.org>
|
Delivered-To |
grass-bugs@lists.intevation.de
|
To |
Markus Neteler via RT <grass-bugs@intevation.de>
|
Subject |
Re: [bug #2720] (grass) secure the snapshot file owner
|
References |
<20041129140343.D3A69102BF8@lists.intevation.de>
|
From |
Dan Jacobson <jidanni@jidanni.org>
|
Date |
Tue, 30 Nov 2004 06:10:30 +0800
|
Message-ID |
<87d5xwb92h.fsf@jidanni.org>
|
MIME-Version |
1.0
|
Content-Type |
text/plain; charset=us-ascii
|
X-Spam-Status |
No, hits=-4.9 tagged_above=-999.0 required=3.0 tests=BAYES_00
|
X-Spam-Level |
|
H> How to be more secure?
In ...-install.sh use tar --no-same-owner.
|
|
Wed, Dec 1 2004
18:45:52
|
|
Mail sent by mneteler
|
|
From Dan Jacobson
Date Tue, 30 Nov 2004 06:10:30 +0800
>> How to be more secure?
>In ...-install.sh use tar --no-same-owner.
Is this a portable option?
Markus |
|
Fri, Dec 3 2004
05:07:58
|
|
Mail sent by jidanni@jidanni.org
|
|
Return-Path |
<jidanni@jidanni.org>
|
Delivered-To |
grass-bugs@lists.intevation.de
|
To |
Markus Neteler via RT <grass-bugs@intevation.de>
|
Cc |
grass@grass.itc.it, bug-tar@gnu.org
|
Subject |
[bug #2720] (grass) tar --no-same-owner
|
References |
<20041201174552.4D020102C0C@lists.intevation.de>
|
From |
Dan Jacobson <jidanni@jidanni.org>
|
Date |
Fri, 03 Dec 2004 06:18:45 +0800
|
Message-ID |
<87d5xswdh6.fsf@jidanni.org>
|
MIME-Version |
1.0
|
Content-Type |
text/plain; charset=us-ascii
|
X-Spam-Status |
No, hits=-4.5 tagged_above=-999.0 required=3.0 tests=BAYES_00, DATE_IN_PAST_03_06
|
X-Spam-Level |
|
>>> How to be more secure?
>> In ...-install.sh use tar --no-same-owner.
H> Is this a portable option?
the GNU manual doesn't go into it.
If not then "chown -R root... tree" before creating the tar, or
test `id -u` = 0 && "chown -R root... tree" for the user untarring, or
something.
|
|
Mon, Dec 6 2004
15:56:48
|
|
Mail sent by schilling@fokus.fraunhofer.de
|
|
Return-Path |
<schilling@fokus.fraunhofer.de>
|
Delivered-To |
grass-bugs@lists.intevation.de
|
From |
Joerg Schilling <schilling@fokus.fraunhofer.de>
|
Date |
Mon, 06 Dec 2004 15:55:53 +0100
|
To |
jidanni@jidanni.org, grass-bugs@intevation.de
|
Cc |
grass@grass.itc.it, bug-tar@gnu.org
|
Subject |
Re: [Bug-tar] [bug #2720] (grass) tar --no-same-owner
|
Message-ID |
<41B472F9.nailIPGH1ABMS@burner>
|
References |
<20041201174552.4D020102C0C@lists.intevation.de> <87d5xswdh6.fsf@jidanni.org>
|
In-Reply-To |
<87d5xswdh6.fsf@jidanni.org>
|
User-Agent |
nail 11.2 8/15/04
|
MIME-Version |
1.0
|
Content-Type |
text/plain; charset=iso-8859-1
|
Content-Transfer-Encoding |
8bit
|
X-Spam-Status |
No, hits=-4.9 tagged_above=-999.0 required=3.0 tests=BAYES_00
|
X-Spam-Level |
|
Dan Jacobson <jidanni@jidanni.org> wrote:
> >>> How to be more secure?
> >> In ...-install.sh use tar --no-same-owner.
>
> H> Is this a portable option?
> the GNU manual doesn't go into it.
> If not then "chown -R root... tree" before creating the tar, or
> test `id -u` = 0 && "chown -R root... tree" for the user untarring, or
> something.
tar --no-same-owner is 100% nonportable.
Better to use:
o Assign to extracted files the user and group identifier of the user running
the program rather than those on the archive.
But note that GNU tar did violate POSIX/SVSv2 for a while at this point.
Jörg
--
EMail:joerg@schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin
js@cs.tu-berlin.de (uni) If you don't have iso-8859-1
schilling@fokus.fraunhofer.de (work) chars I am J"org Schilling
URL: http://www.fokus.fraunhofer.de/usr/schilling ftp://ftp.berlios.de/pub/schily
|
|
Wed, Dec 8 2004
00:05:39
|
|
Mail sent by jidanni@jidanni.org
|
|
Return-Path |
<jidanni@jidanni.org>
|
Delivered-To |
grass-bugs@lists.intevation.de
|
To |
grass-bugs@intevation.de, bug-tar@gnu.org
|
Subject |
Re: [Bug-tar] [bug #2720] (grass) tar --no-same-owner
|
References |
<20041201174552.4D020102C0C@lists.intevation.de> <87d5xswdh6.fsf@jidanni.org> <41B472F9.nailIPGH1ABMS@burner>
|
From |
Dan Jacobson <jidanni@jidanni.org>
|
Date |
Tue, 07 Dec 2004 07:21:27 +0800
|
Message-ID |
<87d5xnggi0.fsf@jidanni.org>
|
MIME-Version |
1.0
|
Content-Type |
text/plain; charset=us-ascii
|
X-Spam-Status |
No, hits=-4.2 tagged_above=-999.0 required=3.0 tests=BAYES_00, DATE_IN_PAST_12_24
|
X-Spam-Level |
|
Joerg> tar --no-same-owner is 100% nonportable.
Joerg> Better to use:
Joerg> o Assign to extracted files the user and group identifier of
Joerg> the user running the program rather than those on the archive.
There needs to be recommendations for the person creating the tar
archive, not the simpler person extracting it. "How to make safe
archives".
All I can think of then is to chown root(.root or 0.0 or whatever) the
file tree before creating the archive.
Do note all this in the tar manual.
|
|
Tue, Oct 4 2005
11:20:00
|
|
Mail sent by msieczka
|
|
Does this bug still apply to 6.1? Was the last suggestion mentioned by Dan
Jacobson applied?
Cheers,
Maciek |
|
Tue, Oct 4 2005
11:46:42
|
|
Mail sent by mneteler
|
|
No, it wasn't applied.
The tarballs are created on user level (also extracted from CVS
on user level), so I cannot run chown -R root ... (AFAIK).
Markus |
|
Mon, Oct 17 2005
13:43:35
|
|
Area changed to grass6 by msieczka
|
|
Thu, Aug 3 2006
15:03:42
|
|
Comments added by guest
|
|
Cc: tutey@o2.pl
I can confirm the file ownerhship still being '1338' when extracting source
code snapshot as root. Maybe we should insert a note about the need to change
ownership after extraction in README or INSTALL (?)
~ Eric. |
|
Thu, Aug 3 2006
15:48:22
|
|
Mail sent by mneteler
|
|
There is no real reason to extract GRASS source code
as root.
Markus
PS: I am willing to change the packaging if someone tells
me how to do that in a portable way. Note that the tarball
is *not* created by root at grass.itc.it but by 'neteler' (cronjob). |
|
Thu, Aug 3 2006
16:17:22
|
|
Mail sent by guest
|
|
Is it fair to say that this is a bug in Grass, or improper installation by the
end-user?
~ Eric. |
|
Fri, Aug 25 2006
23:54:47
|
|
Comments added by guest
|
|
Cc: tutey@o2.pl
Based on Markus' comment, it seems there isn't a real security issue here. Can
we close this one?
~ Eric. |
|
Sun, Sep 3 2006
12:38:09
|
|
Status changed to resolved by msieczka
|
|
Sun, Sep 3 2006
12:38:09
|
|
Mail sent by msieczka
|
|
mneteler wrote (Thu, Aug 3 2006 15:48:22):
> There is no real reason to extract GRASS source code
> as root.
I would second Markus's note. Actually, only installing the software should be
done as a superuser. Unpacking, configure, make (as well as any other user
activity, i.e. browsing web or writing documents) should be all done as a
normal user for the sake of security. I would say that doing any of these as
root is the user's failure to behave secure.
Closing bug.
Maciek
|
|