Mailinglist Archive: opensuse-packaging (68 mails)
| < Previous | Next > |
Re: [opensuse-packaging] cleaning the buildroot correctly
- From: Marcus Rueckert <mrueckert@xxxxxxx>
- Date: Wed, 14 Feb 2007 20:08:49 +0100
- Message-id: <20070214190849.GU8139@xxxxxxx>
On 2007-02-14 18:02:22 +0100, Marcus Meissner wrote:
> darix asked me to post this ;)
thanks!:)
> Quite some time ago we had the discussion how the
> buildroot should be created in a secure way in %install.
>
> BAD:
> %install
> rm -rf $RPM_BUILD_ROOT
> mkdir -p $RPM_BUILD_ROOT/usr/... or make install
>
> Why?
>
> RPM_BUILD_ROOT is within /var/tmp and you just opened a trivial
> race condition to a local attacker on your machine to take over
> your account (or event root if you build as root).
>
> It is better not to "rm -rf $RPM_BUILD_ROOT" in %install at all
> (and rely on %clean to do it).
>
> If you want to clean it, better do:
> %install
> rm -rf $RPM_BUILD_ROOT
> mkdir $RPM_BUILD_ROOT
> mkdir -p $RPM_BUILD_ROOT/usr ... or make install
>
> In this case the "mkdir $RPM_BUILD_ROOT" would fail and the build would
> abort if an attacker tries to replace the buildroot by his own symlink.
>
> (or similar ;)
for suse based distributions there is no need for rm -rf $BUILD_ROOT as
our rpm is taking care of this for you.
so if you just care about packaging for suse leave the rm line out.
darix
--
openSUSE - SUSE Linux is my linux
openSUSE is good for you
www.opensuse.org
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-packaging+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-packaging+help@xxxxxxxxxxxx
> darix asked me to post this ;)
thanks!:)
> Quite some time ago we had the discussion how the
> buildroot should be created in a secure way in %install.
>
> BAD:
> %install
> rm -rf $RPM_BUILD_ROOT
> mkdir -p $RPM_BUILD_ROOT/usr/... or make install
>
> Why?
>
> RPM_BUILD_ROOT is within /var/tmp and you just opened a trivial
> race condition to a local attacker on your machine to take over
> your account (or event root if you build as root).
>
> It is better not to "rm -rf $RPM_BUILD_ROOT" in %install at all
> (and rely on %clean to do it).
>
> If you want to clean it, better do:
> %install
> rm -rf $RPM_BUILD_ROOT
> mkdir $RPM_BUILD_ROOT
> mkdir -p $RPM_BUILD_ROOT/usr ... or make install
>
> In this case the "mkdir $RPM_BUILD_ROOT" would fail and the build would
> abort if an attacker tries to replace the buildroot by his own symlink.
>
> (or similar ;)
for suse based distributions there is no need for rm -rf $BUILD_ROOT as
our rpm is taking care of this for you.
so if you just care about packaging for suse leave the rm line out.
darix
--
openSUSE - SUSE Linux is my linux
openSUSE is good for you
www.opensuse.org
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-packaging+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-packaging+help@xxxxxxxxxxxx
| < Previous | Next > |