LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   Funky doc perms for util-linux-ng (stock Slackware package) (https://www.linuxquestions.org/questions/slackware-14/funky-doc-perms-for-util-linux-ng-stock-slackware-package-676413/)

shadowsnipes 10-14-2008 10:49 PM

Funky doc perms for util-linux-ng (stock Slackware package)
 
I just realized today that the files under /usr/doc/adjtimex-1.23/, which are from the stock Slackware 12.1 util-linux-ng-2.13.1-i486-1 package have uid and gid 1000!

Could someone with Slackware 12.1 do a quick
Code:

ls -l /usr/doc/adjtimex-1.23/
to let me know if others have this problem. If you do then I need to send a bug report to Pat.

willysr 10-14-2008 11:06 PM

mine is root:root, but i use updated util-linux package (2.14.1 from -Current)

shadowsnipes 10-14-2008 11:36 PM

Quote:

Originally Posted by willysr (Post 3310398)
mine is root:root, but i use updated util-linux package (2.14.1 from -Current)

That's good to know it isn't a problem in -current.

wadsworth 10-15-2008 01:10 AM

I can confirm this on Slackware 12.1
Weird. How do you think that happened?
Code:

# find /. -gid 1000
/./usr/doc/adjtimex-1.23/adjtimex.lsm
/./usr/doc/adjtimex-1.23/COPYRIGHT
/./usr/doc/adjtimex-1.23/README.ru
/./usr/doc/adjtimex-1.23/COPYING
/./usr/doc/adjtimex-1.23/README


shadowsnipes 10-15-2008 01:23 AM

Quote:

Originally Posted by wadsworth (Post 3310475)
I can confirm this on Slackware 12.1
Weird. How do you think that happened?
Code:

# find /. -gid 1000
/./usr/doc/adjtimex-1.23/adjtimex.lsm
/./usr/doc/adjtimex-1.23/COPYRIGHT
/./usr/doc/adjtimex-1.23/README.ru
/./usr/doc/adjtimex-1.23/COPYING
/./usr/doc/adjtimex-1.23/README


It can happen when a build script is run on source files with non-root perms. If cp -a is used, for instance, instead of cat then you have to manually change the ownership to root.

Edit:
I sent Robby a notice of the problem.

brianL 10-15-2008 06:30 AM

Yes. Another confirmation, if needed:
Code:

brian@BrisSGL:~$ ls -l /usr/doc/adjtimex-1.23/
total 44
-rw-r--r-- 1 brian 1000 17982 1998-04-20 22:27 COPYING
-rw-r--r-- 1 brian 1000  764 1998-04-20 22:27 COPYRIGHT
-rw-r--r-- 1 brian 1000  6855 2007-10-06 18:36 README
-rw-r--r-- 1 brian 1000  7141 2004-04-03 20:51 README.ru
-rw-r--r-- 1 brian 1000  419 2007-10-06 01:22 adjtimex.lsm


keefaz 10-15-2008 06:47 AM

/usr/doc/adjtimex-1.23 directory permissions are set to 0755 root/root
and the files in this directory are set to 0644 1000/1000
(on my system, slackware 12.1, not current)

rworkman 10-15-2008 07:26 AM

Thanks for the report, Phil. I think I recall someone mentioning this before, and my opinion then and now is that it's not really critical at all - it's just docs, so the worst thing that can happen is uid 1000 can edit them. Either way, an updated package isn't justified IMHO.

As for how it happened, oversight on my part - I missed that before I pushed my local repo to Pat, so don't blame him :-)

shadowsnipes 10-15-2008 09:24 AM

Quote:

Originally Posted by rworkman (Post 3310720)
Thanks for the report, Phil. I think I recall someone mentioning this before, and my opinion then and now is that it's not really critical at all - it's just docs, so the worst thing that can happen is uid 1000 can edit them. Either way, an updated package isn't justified IMHO.

As for how it happened, oversight on my part - I missed that before I pushed my local repo to Pat, so don't blame him :-)

It's easy to do. I actually did it on the whaw SlackBuild I submitted recently and you fixed it for me :)

The main reason it concerns me is for people running servers and such. A potentially malicious user could fill up / and grind it to a halt. However, seeing as how the uid is 1000 it is unlikely that it will correspond to some random malicious user.

If nothing else, I just wanted people to be aware of this. Perhaps a quick note on the Security mailing list would be worthwhile? Perhaps this thread is enough.

Thanks for the quick response, Robby!

robel 10-15-2008 10:41 AM

Same here. Slackware 12.1


All times are GMT -5. The time now is 05:11 PM.