Funky doc perms for util-linux-ng (stock Slackware package)

shadowsnipes · 10-14-2008, 10:49 PM

I just realized today that the files under /usr/doc/adjtimex-1.23/, which are from the stock Slackware 12.1 util-linux-ng-2.13.1-i486-1 package have uid and gid 1000!

Could someone with Slackware 12.1 do a quick

Code:

ls -l /usr/doc/adjtimex-1.23/

to let me know if others have this problem. If you do then I need to send a bug report to Pat.

willysr · 10-14-2008, 11:06 PM

mine is root:root, but i use updated util-linux package (2.14.1 from -Current)

shadowsnipes · 10-14-2008, 11:36 PM

Quote:

Originally Posted by willysr

mine is root:root, but i use updated util-linux package (2.14.1 from -Current)

That's good to know it isn't a problem in -current.

wadsworth · 10-15-2008, 01:10 AM

I can confirm this on Slackware 12.1
Weird. How do you think that happened?

Code:

# find /. -gid 1000
/./usr/doc/adjtimex-1.23/adjtimex.lsm
/./usr/doc/adjtimex-1.23/COPYRIGHT
/./usr/doc/adjtimex-1.23/README.ru
/./usr/doc/adjtimex-1.23/COPYING
/./usr/doc/adjtimex-1.23/README

shadowsnipes · 10-15-2008, 01:23 AM

Quote:

Originally Posted by wadsworth

I can confirm this on Slackware 12.1
Weird. How do you think that happened?

Code:

# find /. -gid 1000
/./usr/doc/adjtimex-1.23/adjtimex.lsm
/./usr/doc/adjtimex-1.23/COPYRIGHT
/./usr/doc/adjtimex-1.23/README.ru
/./usr/doc/adjtimex-1.23/COPYING
/./usr/doc/adjtimex-1.23/README

It can happen when a build script is run on source files with non-root perms. If cp -a is used, for instance, instead of cat then you have to manually change the ownership to root.

Edit:
I sent Robby a notice of the problem.

brianL · 10-15-2008, 06:30 AM

Yes. Another confirmation, if needed:

Code:

brian@BrisSGL:~$ ls -l /usr/doc/adjtimex-1.23/
total 44
-rw-r--r-- 1 brian 1000 17982 1998-04-20 22:27 COPYING
-rw-r--r-- 1 brian 1000   764 1998-04-20 22:27 COPYRIGHT
-rw-r--r-- 1 brian 1000  6855 2007-10-06 18:36 README
-rw-r--r-- 1 brian 1000  7141 2004-04-03 20:51 README.ru
-rw-r--r-- 1 brian 1000   419 2007-10-06 01:22 adjtimex.lsm

keefaz · 10-15-2008, 06:47 AM

/usr/doc/adjtimex-1.23 directory permissions are set to 0755 root/root
and the files in this directory are set to 0644 1000/1000
(on my system, slackware 12.1, not current)

rworkman · 10-15-2008, 07:26 AM

Thanks for the report, Phil. I think I recall someone mentioning this before, and my opinion then and now is that it's not really critical at all - it's just docs, so the worst thing that can happen is uid 1000 can edit them. Either way, an updated package isn't justified IMHO.

As for how it happened, oversight on my part - I missed that before I pushed my local repo to Pat, so don't blame him :-)

shadowsnipes · 10-15-2008, 09:24 AM

Quote:

Originally Posted by rworkman

Thanks for the report, Phil. I think I recall someone mentioning this before, and my opinion then and now is that it's not really critical at all - it's just docs, so the worst thing that can happen is uid 1000 can edit them. Either way, an updated package isn't justified IMHO.

As for how it happened, oversight on my part - I missed that before I pushed my local repo to Pat, so don't blame him :-)

It's easy to do. I actually did it on the whaw SlackBuild I submitted recently and you fixed it for me

The main reason it concerns me is for people running servers and such. A potentially malicious user could fill up / and grind it to a halt. However, seeing as how the uid is 1000 it is unlikely that it will correspond to some random malicious user.

If nothing else, I just wanted people to be aware of this. Perhaps a quick note on the Security mailing list would be worthwhile? Perhaps this thread is enough.

Thanks for the quick response, Robby!

robel · 10-15-2008, 10:41 AM

Same here. Slackware 12.1