Your message dated Sun, 24 Dec 2006 00:14:52 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#197197: gzip: gzexe improved
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: gzip
Version: 1.3.2-3woody1
Severity: normal
Tags: patch security

As discussed under Bug#193375, there are security issues with gzexe:

  Does "funny" things to objects in the current directory
    (is unsafe to use when 'cd'-ed into /tmp or similar)

  Looks for tail in current PATH (may use ./tail or similar
    in script, making it unsafe)

There is also a usability issue:

  May not call the unpacked exe by its original name (would confuse
    utilities that care e.g. gzip/gunzip)

None are likely scenarios so do not really need fixing.

My version below (full file: too many changes for diff to be useful).

Cheers,

Paul Szabo - [EMAIL PROTECTED]  http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics  University of Sydney   2006  Australia


---

Proposed new version /bin/gzexe :

#!/bin/sh
# gzexe: compressor for Unix executables.
# Use this only for binaries that you do not use frequently.
#
# The compressed version is a shell script which decompresses itself after
# skipping $skip lines of shell commands.  We try invoking the compressed
# executable with the original name (for programs looking at their name).
# We also try to retain the original file permissions on the compressed file.
# For safety reasons, gzexe will not create setuid or setgid shell scripts.

# WARNING: the first line of this file must be either : or #!/bin/sh
# The : is required for some old versions of csh.
# On Ultrix, /bin/sh is too buggy, change the first line to: #!/bin/sh5

# We use several temporary files: makes sense to create a safe temporary
# directory and put them all there. Using one ensures we can invoke the
# executable with original name, without "set -C", umask or ln.
# Use mktemp or tempfile on systems where available.
# Instead of figuring out where tail is, set a sensible (simple) PATH,
# and ensure all utilities we need are available within. (Do not add
# from current PATH as that would be info disclosure.)
# (Can we trust tail to cope with long lines and binary data? Bah...)

zer0="`echo $0 | sed -e 's|^.*/||'`"

decomp=0
res=0
test "$zer0" = "ungzexe" && decomp=1
if test "x$1" = "x-d"; then
  decomp=1
  shift
fi

if test $# = 0; then
  echo "compress executables. original file foo is renamed to foo~"
  echo "usage: ${zer0} [-d] files..."
  echo "   -d  decompress the executables"
  exit 1
fi

IFS="${IFS:-    }"; saveifs="$IFS"

utils='gzip tail chmod sed sleep rm mkdir'
utilsxtr='ls cat mv cp'
goodpath='/bin:/usr/bin'

# Check that all utils are found somewhere in goodpath (or PATH)
#needpath=''
IFS="${IFS} :"
for utl in $utils $utilsxtr; do
  need=1
# for dir in $goodpath $PATH; do
  for dir in $goodpath; do
    # Use absolute paths only (skip relative or empty)
    case "$dir" in /* ) ;; * ) continue;; esac
    if test -f "$dir/$utl"; then
      need=0
#     needpath="$needpath $dir"
      break
    fi
  done
  if test "$need" = 1; then
#   echo "${zer0}: Cannot find $utl in $goodpath or $PATH"
    echo "${zer0}: Cannot find $utl in $goodpath"
    exit 1
  fi
done
IFS="$saveifs"

## Add to goodpath if needed (from current PATH: info disclosure !!??)
#IFS="${IFS} :"
#for dir in $goodpath $PATH; do
#  # Use absolute paths only (skip relative or empty)
#  case "$dir" in /* ) ;; * ) continue;; esac
#  # Skip if have it already
#  case ":$goodpath:" in *":$dir:"* ) continue;; esac
#  # Skip unless needed
#  case " $needpath " in *" $dir "* ) ;; * ) continue;; esac
#  if test -z "$goodpath"; then
#    goodpath="$dir"
#  else
#    goodpath="$goodpath:$dir"
#  fi
#done
#IFS="$saveifs"

PATH="$goodpath"

tmpdir="`mktemp -d /tmp/gztmp.XXXXXXXXXX 2>/dev/null`" || tmpdir=''
if test -z "$tmpdir"; then
  tmpdir="`tempfile -p gztmp -d /tmp 2>/dev/null`" || tmpdir=''
  if test -z "$tmpdir"; then
    tmpdir=/tmp/gztmp$$
  fi
  rm -f $tmpdir; rm -rf $tmpdir
  mkdir -m 700 $tmpdir || { echo "${zer0}: Cannot mkdir $tmpdir"; exit 1; }
fi

trap "rm -rf $tmpdir; exit 1" 1 2 3 5 10 13 15

# Paranoia: sanity check $tmpdir
case "$tmpdir" in
 '' ) echo "${zer0}: Temporary directory name empty"; exit 1;;
 *[^/A-Za-z0-9_.-]* ) echo "${zer0}: Bad temporary directory name $tmpdir"; exit 1;;
esac
if test ! -d $tmpdir; then
  echo "${zer0}: Cannot make temporary directory $tmpdir"
  exit 1
fi
if test ! -w $tmpdir; then
  echo "${zer0}: Temporary directory $tmpdir not writable"
  exit 1
fi
case "`ls -ld $tmpdir`" in
 drwx------* ) ;;
 * )
  echo "${zer0}: Temporary directory $tmpdir has bad type/permissions"
  exit 1
 ;;
esac
if test -n "`ls -A $tmpdir`"; then
  echo "${zer0}: Temporary directory $tmpdir not empty"
  exit 1
fi

cpmod=""
echo hi > $tmpdir/zfoo1
echo hi > $tmpdir/zfoo2
if test -z "`(${CPMOD:-cpmod} $tmpdir/zfoo1 $tmpdir/zfoo2) 2>&1`"; then
  cpmod="${CPMOD:-cpmod}"
fi
rm -f $tmpdir/zfoo1 $tmpdir/zfoo2

tmpfil=$tmpdir/tmpfil

for i do
  case "$i" in
   '' ) echo "${zer0}: empty name (unchanged)"; continue;;
   *[^/A-Za-z0-9_.+-]* ) echo "${zer0}: bad name $i (unchanged)"; continue;;
  esac
  x="`echo $i | sed -e 's|^.*/||'`"
  case "$x" in
   '' ) echo "${zer0}: $i has empty name, unchanged"; continue;;
   *[^A-Za-z0-9_.+-]* ) echo "${zer0}: $i has bad name, unchanged"; continue;;
  esac
  case " $utils " in
   *" $x "* ) echo "${zer0}: $i would depend on itself, unchanged"; continue;;
  esac
  if test ! -f "$i" ; then
    echo "${zer0}: $i not a file, unchanged"
    continue
  fi
  case "`ls -ld $i`" in
   ???[sS]* ) echo "${zer0}: $i has setuid permission, unchanged"; continue;;
   ??????[sS]* ) echo "${zer0}: $i has setgid permission, unchanged"; continue;;
   '-'?wx* ) writable=1;;
   '-'??x* ) writable=0;;
   '-'* ) echo "${zer0}: $i is not executable, unchanged"; continue;;
   * ) echo "${zer0}: $i is not a file, unchanged"; continue;;
  esac
  rm -f $tmpfil
  if test -z "$cpmod"; then
    cp -p "$i" $tmpfil 2>/dev/null || cp "$i" $tmpfil
    chmod u+w $tmpfil 2>/dev/null
  fi
  skipline="`sed -n -e 1d -e '/^skip=[0-9][0-9]*$/ p' -e 2q $i`" || skipline=''
  if test $decomp -eq 0; then
    # compression
    if test -n "$skipline"; then
      echo "${zer0}: $i is already gzexe'd, unchanged"
      continue
    fi
    {
      sed -e 1q $0
      echo 'skip=25'
      echo 'savepath="$PATH"'
      echo "PATH=$PATH"
      cat <<'EOF'
tmpd="`mktemp -d /tmp/gztmp.XXXXXXXXXX 2>/dev/null`" || tmpd=''
if test -z "$tmpd"; then
  tmpd="`tempfile -p gztmp -d /tmp 2>/dev/null`" || tmpd=''
  if test -z "$tmpd"; then
    tmpd=/tmp/gztmp$$
  fi
  rm -f $tmpd; rm -rf $tmpd
  mkdir -m 700 $tmpd || { echo "gzexe: Cannot mkdir $tmpd"; exit 1; }
fi
trap 'rm -rf $tmpd; exit $res' 0
tmpf="$tmpd/`echo $0 | sed -e 's|^.*/||'`"
if tail -n +$skip $0 | gzip -cd > "$tmpf"; then
  chmod 700 "$tmpf"
  ( sleep 5; rm -rf $tmpd; ) 2>/dev/null &
  PATH="$savepath" "$tmpf" ${1+"$@"}; res=$?
else
  echo "Cannot decompress $0"; res=1
fi;
rm -rf $tmpd
exit $res
EOF
    } > $tmpfil
    gzip -cv9 "$i" >> $tmpfil || {
      echo "${zer0}: compression not possible for $i, file unchanged."
      res=1
      continue
    }
  else
    # decompression
    # Instead of current skip value, should use that of last older
    # version that did not have skip line
    skip=25
    if test -n "$skipline"; then
      eval "$skipline"
    fi
    tail -n +$skip "$i" | gzip -cd > $tmpfil || {
      echo "${zer0}: $i probably not in gzexe format, file unchanged."
      res=1
      continue
    }
  fi
  rm -f "$i~"
  mv "$i" "$i~" || {
    echo "${zer0}: cannot backup $i as $i~"
    res=1
    continue
  }
  mv $tmpfil "$i" || cp -p $tmpfil "$i" 2>/dev/null || cp $tmpfil "$i" || {
    echo "${zer0}: cannot create $i"
    res=1
    continue
  }
  if test -n "$cpmod"; then
    "$cpmod" "$i~" "$i" 2>/dev/null
  elif test $writable -eq 0; then
    chmod u-w "$i" 2>/dev/null
  fi
done
rm -rf $tmpdir
exit $res


-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux pisa.maths.usyd.edu.au 2.4.19 #1 SMP Wed Nov 13 10:02:38 EST 2002 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages gzip depends on:
ii  debianutils                   1.16       Miscellaneous utilities specific t
ii  libc6                         2.2.5-11.5 GNU C Library: Shared libraries an



--- End Message ---
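
The PATH concern raised in the report above (a relative or empty entry lets the wrapper pick up ./tail), as an added example that is not part of the proposed gzexe or of gzip: it classifies every entry of a PATH value, including the empty entries produced by a leading, doubled or trailing colon. The function names path_entry_risk and audit_path are hypothetical, and the sample PATH value is constructed.

```shell
#!/bin/sh
# Added example, not part of the proposed gzexe.

# path_entry_risk ENTRY: print cwd, relative, world-writable or ok.
path_entry_risk() {
  case "$1" in
    '' | .) echo cwd; return 0;;   # empty entry or "." means the current directory
    /*) ;;                         # absolute: check its permissions below
    *) echo relative; return 0;;   # resolved against the current directory
  esac
  # ls-based mode test, as the script above does for its temporary directory.
  # -L follows symlinks such as /bin -> usr/bin; character 9 is other-write.
  case "$(ls -ldL "$1" 2>/dev/null)" in
    d???????w*) echo world-writable;;
    *) echo ok;;
  esac
}

# audit_path VALUE: print "risk<TAB>entry" for each risky entry of a
# colon-separated PATH value; return 1 if any was found, 0 otherwise.
audit_path() {
  rest="$1:"      # sentinel so that a trailing ":" still yields an empty entry
  found=0
  while [ -n "$rest" ]; do
    entry=${rest%%:*}
    rest=${rest#*:}
    risk=$(path_entry_risk "$entry")
    if [ "$risk" != ok ]; then
      printf '%s\t%s\n' "$risk" "$entry"
      found=1
    fi
  done
  return $found
}

# Constructed sample: leading empty entry, a relative entry, a trailing ":".
audit_path ':/usr/bin:bin:' || true
```

Splitting with IFS=: and an unquoted expansion would drop the trailing empty entry, which is why the loop uses parameter expansion instead.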
--- Begin Message ---
On Sat, 2006-12-23 at 21:58 -0800, Paul Eggert wrote:
> I think all the bugs reported in <http://bugs.debian.org/197197> are
> fixed in gzip 1.3.9.

Thanks, Paul.  Closing the bug.

Bdale


--- End Message ---
