Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Tue, 19 Mar 2002 18:37:05 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Tue, 19 Mar 2002 18:36:56 -0500 Received: from cpe-24-221-152-185.az.sprintbbd.net ([24.221.152.185]:41607 "EHLO opus.bloom.county") by vger.kernel.org with ESMTP id ; Tue, 19 Mar 2002 18:36:41 -0500 Date: Tue, 19 Mar 2002 16:34:32 -0700 From: Tom Rini To: Larry McVoy , Pavel Machek , Dave Jones , kernel list Subject: Re: Bitkeeper licence issues Message-ID: <20020319233432.GS3762@opus.bloom.county> In-Reply-To: <20020318212617.GA498@elf.ucw.cz> <20020318144255.Y10086@work.bitmover.com> <20020318231427.GF1740@atrey.karlin.mff.cuni.cz> <20020319002241.K17410@suse.de> <20020319220631.GA1758@elf.ucw.cz> <20020319152502.J14877@work.bitmover.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.27i Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Mar 19, 2002 at 03:25:02PM -0800, Larry McVoy wrote: > On Tue, Mar 19, 2002 at 11:06:32PM +0100, Pavel Machek wrote: > > > > > Pavel, the problem here is your fundamental distrust. > > > > By giving me binary-only installer you ask me to trust you. You ask me > > > > to trust you without good reason [it only generates .tar.gz and > > > > shellscript, why should it be binary? Was not shar designed to handle > > > > that?], and that's pretty suspect. > > > > > > Bitmover doing anything remotely suspect in an executable installer > > > would be commercial suicide, do you distrust realplayer too? > > > > Actually, the installer contains security hole allowing any user to > > overwrite any file on system if you install it as root with simple > > symlink. > > Come on Pavel, in order to make this happen, you have to > > a) run the installer as root > b) know the next pid which will be allocated > c) put the symlink in /tmp/installer$pid I hate to jump in here (really I do) but 'a' probably happens alot. All of the recommended locations are system directories. As for 'b' and 'c', I think those are considered trivial things to do, since this would be a relativly easy thing to expliot (search some of the security list archives, this isn't quite as easy as the buffer overflow on x86 problem, but still trivial). > I'll grant you this is something we can trivially make go away as an > issue, and we have, but it's mostly to make you go away as an issue, > not because we believe for one second this is a realistic problem. But yes, this is a trivial problem which is now fixed. And in the grand scheme of things, there'll be more important fixes in the next version of BK than the possibility of overwriting files at installtime. -- Tom Rini (TR1265) http://gate.crashing.org/~trini/ - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/