Re: Linux kernel source archive vulnerable

[hadmut () danisch de (Hadmut Danisch)]

Hi Jerry, 

On Fri, Sep 08, 2006 at 12:06:41PM -0500, Gerald (Jerry) Carter wrote:
> > So how would you do  
> >
> >   make install 
> >   make modules_install
>
> Building and install are separate operations.


Really? Both means to do what is standing in the Makefile. 
Both is executing the Makefile.

Installation is, btw, more intrusive since it is not limited to the
source directory. So in my eyes there is no point in compiling as
non-root when you install as root then. 


The basic problem is that the wrong tool is used. It may sound
strange, but tar is simply the wrong tool: They want to distribute
source files without any assigned file permissions, but use a tape
archive tool which inherently carries uid, gid and permissions with
it. To circumvent the use of the wrong tool, they are using world
writable permissions.

It may sound funny to consider tar as the wrong tool, but it is.




> If
> you unpack the kernel as non-root, then the versions
> of tar I've tested do not preserve the original
> permissions but rather apply the current umask.


This makes it even worse. Because if other versions of tar do not show
this behavior (and I learned tar about 20 years ago on Unix) people do
not necessarily expect this behavior and do not have any reason to ask
google about how to use tar. 


If you cannot trust the kernel source to compile it as root, how could
you run it with root permissions (i.e. use it as a kernel)?


regards
Hadmut

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/