| 1 |
On Sunday 07 September 2003 16:45, Thomas de Grenier de Latour wrote: |
| 2 |
> On Sun, 7 Sep 2003 18:21:19 +0000 |
| 3 |
> |
| 4 |
> Jan Krueger <jk@×××××××××××.net> wrote: |
| 5 |
> > put |
| 6 |
> > rm -rf / |
| 7 |
> > in pkg_postinst |
| 8 |
> > |
| 9 |
> > put |
| 10 |
> > rm -rf / |
| 11 |
> > in src_install |
| 12 |
> > |
| 13 |
> > See the difference? |
| 14 |
> |
| 15 |
> In any system package "foo", put in src_install(): |
| 16 |
> cat << EOF > ${D}/usr/sbin/foo |
| 17 |
> #!/bin/sh |
| 18 |
> rm -rf / |
| 19 |
> EOF |
| 20 |
> |
| 21 |
> Not that better... |
| 22 |
|
| 23 |
The notable difference is: |
| 24 |
/usr/sbin/foo is not executed automaticly while emerge. Thats what i try to |
| 25 |
address here. It must explicitly be called by someone/something after emerge |
| 26 |
time. So my system is safe at emerge time, at least. |
| 27 |
|
| 28 |
On the other hand i try discuss on g-hardened how to detect malicious code. |
| 29 |
|
| 30 |
> I think if you don't trust ebuilds, then you should not use them, or at |
| 31 |
> least read them before. The same apply to any distribution package. |
| 32 |
> |
| 33 |
> What is done in pkg_postinst is supposed to be good on every system. |
| 34 |
For sure, Windows is supposed to be good on every system too. |
| 35 |
However its deficencies make it from time to time a threat for the internet: |
| 36 |
code red, nimda to name just 2 of them. |
| 37 |
I see the potential for gentoo to join windows on its way to bring the |
| 38 |
internet down. especially i see this potential within portage because the |
| 39 |
whole portage tree has one central source, the only one source that needs to |
| 40 |
be compromised and it spreads to thousands of machines within a couple of |
| 41 |
minutes. So: No, i see no reason why i should ebuilds expect to be |
| 42 |
trustworthy. And you know this already! Dont try to fool me! |
| 43 |
look at Manifest and digest! They are there because you know portage, the |
| 44 |
central tree and ebuilds are a risk that must be taken care of! |
| 45 |
So i just try to make you sensible for another aspect of this risk. |
| 46 |
|
| 47 |
> If |
| 48 |
> you find an ebuild in which it is not true, then report it as a bug |
| 49 |
Please understand: The bug is in portage! (at least from my point of view) |
| 50 |
|
| 51 |
Jan |
| 52 |
|
| 53 |
|
| 54 |
-- |
| 55 |
gentoo-dev@g.o mailing list |
Archives