Full Disclosure mailing list archives
Re: Linux kernel source archive vulnerable
From: hadmut () danisch de (Hadmut Danisch)
Date: Fri, 8 Sep 2006 20:17:05 +0200
Hi Jerry, On Fri, Sep 08, 2006 at 12:06:41PM -0500, Gerald (Jerry) Carter wrote:
So how would you do make install make modules_installBuilding and install are separate operations.
Really? Both means to do what is standing in the Makefile. Both is executing the Makefile. Installation is, btw, more intrusive since it is not limited to the source directory. So in my eyes there is no point in compiling as non-root when you install as root then. The basic problem is that the wrong tool is used. It may sound strange, but tar is simply the wrong tool: They want to distribute source files without any assigned file permissions, but use a tape archive tool which inherently carries uid, gid and permissions with it. To circumvent the use of the wrong tool, they are using world writable permissions. It may sound funny to consider tar as the wrong tool, but it is.
If you unpack the kernel as non-root, then the versions of tar I've tested do not preserve the original permissions but rather apply the current umask.
This makes it even worse. Because if other versions of tar do not show this behavior (and I learned tar about 20 years ago on Unix) people do not necessarily expect this behavior and do not have any reason to ask google about how to use tar. If you cannot trust the kernel source to compile it as root, how could you run it with root permissions (i.e. use it as a kernel)? regards Hadmut _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Linux kernel source archive vulnerable, (continued)
- Re: Linux kernel source archive vulnerable FRLinux (Sep 08)
- Re: Linux kernel source archive vulnerable Lee Ball (Sep 08)
- Re: Linux kernel source archive vulnerable Hadmut Danisch (Sep 08)
- RE: Linux kernel source archive vulnerable Airey, John (Sep 08)
- Re: Linux kernel source archive vulnerable Georgi Guninski (Sep 08)
- Re: Linux kernel source archive vulnerable Roland Kuhn (Sep 08)
- Re: Linux kernel source archive vulnerable Hadmut Danisch (Sep 08)
- Re: Linux kernel source archive vulnerable Gerald (Jerry) Carter (Sep 08)
- Re: Linux kernel source archive vulnerable Hadmut Danisch (Sep 08)
- Re: Linux kernel source archive vulnerable Gerald (Jerry) Carter (Sep 08)
- Re: Linux kernel source archive vulnerable Hadmut Danisch (Sep 08)
- Re: Linux kernel source archive vulnerable Gerald (Jerry) Carter (Sep 08)
- Re: Linux kernel source archive vulnerable Hadmut Danisch (Sep 08)
- Re: Re: Linux kernel source archive vulnerable Michael Gale (Sep 08)
- Re: Re: Linux kernel source archive vulnerable Valdis . Kletnieks (Sep 09)
- Re: Linux kernel source archive vulnerable Ron (Sep 24)
- Re: Linux kernel source archive vulnerable Hadmut Danisch (Sep 08)
- Re: Re: Linux kernel source archive vulnerable Jurjen Oskam (Sep 08)
- tar alternative Tim (Sep 08)
- Re: tar alternative Cristi Mitrana (Sep 08)
- Re: Re: tar alternative Tim (Sep 09)
- Re: Re: tar alternative darren kirby (Sep 09)