author | Sören Tempel <soeren+git@soeren-tempel.net> | 2018-10-11 17:44:27 +0200 |
---|---|---|
committer | Sören Tempel <soeren+git@soeren-tempel.net> | 2018-10-11 17:44:27 +0200 |
commit | ea0b262b7353f36cf4fe1e366bf9ce5b3870cb82 (patch) | |
tree | 7339a9561a2a05ec5aea8147dd169314b05e4129 /main/abuild | |
parent | 83567263f653ea330b401590292e81441ebb310b (diff) | |
download | aports-ea0b262b7353f36cf4fe1e366bf9ce5b3870cb82.tar.bz2 aports-ea0b262b7353f36cf4fe1e366bf9ce5b3870cb82.tar.xz |
main/abuild: backport symlink handling fix for abuild-rmtemp
Diffstat (limited to 'main/abuild')
-rw-r--r-- | main/abuild/0001-abuild-rmtemp-Do-not-follow-symbolic-links.patch | 34 | ||||
-rw-r--r-- | main/abuild/APKBUILD | 8 |
2 files changed, 39 insertions, 3 deletions
diff --git a/main/abuild/0001-abuild-rmtemp-Do-not-follow-symbolic-links.patch b/main/abuild/0001-abuild-rmtemp-Do-not-follow-symbolic-links.patch
new file mode 100644
index 0000000000..82a9d2af60
--- /dev/null
+++ b/main/abuild/0001-abuild-rmtemp-Do-not-follow-symbolic-links.patch
@@ -0,0 +1,34 @@
+From 0b8a272359685c5b9b3c87444c79eeb3b75c9992 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?S=C3=B6ren=20Tempel?= <soeren+git@soeren-tempel.net>
+Date: Thu, 11 Oct 2018 16:44:45 +0200
+Subject: [PATCH] abuild-rmtemp: Do not follow symbolic links
+
+Symbolic links might point to files outside of the chroot and
+thus might delete files outside the chroot. This allows deletion
+of arbitrary directories on the host from a malicious APKBUILD.
+
+Following hard links shouldn't be a problem since hard links (usually)
+cannot refer to directories and since remove(3) removes the link, not
+the file it points to it shouldn't cause a problem.
+
+I noticed this because alpine-baselayout creates /var/run as a symlink
+to /run. Therefore causing /run to be deleted on the host when using
+abuild-rmtemp which in turn causes a bunch of software to no longer
+function properly (including OpenRC).
+---
+ abuild-rmtemp.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/abuild-rmtemp.c b/abuild-rmtemp.c
+index 1fca31c..b9511ce 100644
+--- a/abuild-rmtemp.c
++++ b/abuild-rmtemp.c
+@@ -44,7 +44,7 @@ int main(int argc, char **argv) {
+ if (!p) errx(1, "Incorrect user");
+ if (s.st_uid != p->pw_uid) errx(1, "Permission denied");
+
+- if (nftw(argv[1], handler, 512, FTW_DEPTH)) fail();
++ if (nftw(argv[1], handler, 512, FTW_DEPTH|FTW_PHYS)) fail();
+
+ return 0;
+ }
diff --git a/main/abuild/APKBUILD b/main/abuild/APKBUILD
index 9debc4f240..d041459a10 100644
--- a/main/abuild/APKBUILD
+++ b/main/abuild/APKBUILD
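Review bot: On the added `nftw(argv[1], handler, 512, FTW_DEPTH|FTW_PHYS)` line in abuild-rmtemp.c, FTW_PHYS stops the walk from descending through symlinks, but the walk can still cross a mount point below argv[1]. If bind mounts can exist inside the build root (not visible here), `if (nftw(argv[1], handler, 512, FTW_DEPTH|FTW_PHYS|FTW_MOUNT)) fail();` would keep the removal on one filesystem; check first how handler reacts to a mount-point directory it cannot remove. The `s.st_uid` owner check two lines up and the walk each resolve argv[1] by name, so a path replaced between the check and the walk is not covered by this flag, which matters because the package is built with `options="suid !check"`. A comment such as `/* FTW_PHYS: never follow symlinks; argv[1] is re-resolved by name after the uid check */` would record that remaining assumption. main() starts outside the hunk, so whether `s` is filled by stat() or lstat() cannot be confirmed from here.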
@@ -2,7 +2,7 @@ pkgname=abuild pkgver=3.3.0_pre1 _ver=${pkgver%_git*} -pkgrel=0 +pkgrel=1 pkgdesc="Script to build Alpine Packages" url="https://git.alpinelinux.org/cgit/abuild/" arch="all" @@ -20,7 +20,8 @@ subpackages="apkbuild-cpan:cpan:noarch apkbuild-gem-resolver:gems:noarch abuild-rootbld:_rootbld:noarch $pkgname-doc" options="suid !check" pkggroups="abuild" -source="https://dev.alpinelinux.org/archive/abuild/abuild-$_ver.tar.xz" +source="https://dev.alpinelinux.org/archive/abuild/abuild-$_ver.tar.xz + 0001-abuild-rmtemp-Do-not-follow-symbolic-links.patch" builddir="$srcdir/$pkgname-$_ver" prepare() { @@ -66,4 +67,5 @@ _rootbld() { mkdir -p "$subpkgdir" } -sha512sums="5d3c2c04a7d6ede2c08b524423f9594ced42d4d67f10327996a38e0782fc2de1f8086187aa9a9072df5c1aced540bdcf1b8002b832df4cf2c6a56f6f89657aa7 abuild-3.3.0_pre1.tar.xz" +sha512sums="5d3c2c04a7d6ede2c08b524423f9594ced42d4d67f10327996a38e0782fc2de1f8086187aa9a9072df5c1aced540bdcf1b8002b832df4cf2c6a56f6f89657aa7 abuild-3.3.0_pre1.tar.xz +e2cefff3b9d460132a7ef90c5f8ddb309b748e2ef40157c31d3dc047b0516838d8c5a0fe51952e004252ad15a76c5758d61f8deb35a970a0841fec188f8d521d 0001-abuild-rmtemp-Do-not-follow-symbolic-links.patch" |