tags 476332 + fixed-upstream pending thanks Timothy G Abbott <[EMAIL PROTECTED]> writes:
> The discussion of O_NOFOLLOW in the following might be helpful: > > http://www.linux-knowledge-portal.org/en/content.php?&content/programming/secprog2.html > > Most attacks that O_NOFOLLOW prevents can be executed with hard > links; I believe the only exceptions are those in which the object > being opened is a directory or other object that cannot be hard > linked, and only then when the symlink is in the last component of > the directory name. Consequently, I believe O_NOFOLLOW is intended > for programs like find, and is not useful for much else. > > Correct me if I'm wrong, but I believe schroot only reads > configuration files from within /etc/, so it should not be > vulnerable to the typical race condition attacks that O_NOFOLLOW is > trying to prevent. I think this makes sense, and I have removed O_FOLLOW from the open(2) call. This will be in the next schroot upload, hopefully soon (time permitting). If you want to get a fixed version right now, you can check out the git repository % git clone git://git.debian.org/git/buildd-tools/schroot.git schroot This fix is on both the master and schroot-1.2 (stable for Lenny) branches. Regards, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linux http://people.debian.org/~rleigh/ `. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/ `- GPG Public Key: 0x25BFB848 Please GPG sign your mail.
pgpNcpolT71Es.pgp
Description: PGP signature