On Friday 2009 January 16 15:06:33 Vincent Zweije wrote: >On Fri, Jan 16, 2009 at 01:45:44PM -0700, Michael Loftis wrote: >|| --On January 16, 2009 7:29:13 PM +0100 Johannes Wiedersich >|| <johan...@physik.blm.tu-muenchen.de> wrote: >|| > IIRC, a hard link is the same file called two different names. If >|| > dpkg/apt change the file in one location (security update), the other >|| > one will be changed as well [1]... > >Hm! If it's not already that way, it might be a nice idea for a package >manager to reset setuid bits before removing a setuid executable.
Removing the suid bits would be sufficient. As dpkg is already running as root, this could normally be done just before the normal remove/upgrade/install process. >|| Something that most packaging >|| systems do not do, the reason being is that with the way modern >|| systems/kernels execute code, this would modify running code (They >|| generally mmap the code, readonly, into the processes address space). > >I expect the mmapped executable to be private and copy on write, so you >can write all you want but you can't modify the map that's already in >use by the process. You'll only manage breaking the sharing. > >|| FreeBSD atleast IIRC prevents this, Text File Busy/Text File In Use >|| error. As does Linux (openSUSE): $ sudo /bin/sh -c '> /opt/kde3/bin/kget' /bin/sh: /opt/kde3/bin/kget: Text file busy -- Boyd Stephen Smith Jr. ,= ,-_-. =. b...@iguanasuicide.net ((_/)o o(\_)) ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-' http://iguanasuicide.net/ \_/
signature.asc
Description: This is a digitally signed message part.