Gentoo Archives: gentoo-dev

From: Manoj Gupta <manojgupta@××××××.com>
To: gentoo-dev@l.g.o, mgorny@g.o
Cc: Fangrui Song <maskray@××××××.com>, Jordan Rupprecht <rupprecht@××××××.com>, Jian Cai <jiancai@××××××.com>
Subject: [gentoo-dev] portage reliance on GNU objcopy ownership perseverance behavior in strip
Date: Fri, 05 Feb 2021 00:09:40
Message-Id: CAH=QcsiuHrtLnJjFzAKbxAH2ueMRzGL4EPg_FWYssFvUy2Rzfg@mail.gmail.com
Hi gentoo devs,

This question is regarding interaction of fowners [1] and estrip
functionality in portage.
fowners is used on various binaries and files to assign the ownership to
specific users or group.

GNU objcopy and strip do not change the file ownership when run as root.
However, llvm's versions do not preserve it and instead make root the owner
of the modified file.
e.g.
sudo strip <file> keeps the original ownership.
sudo llvm-strip <file> will change ownership to root.

We were trying to have llvm objcopy with a patch [3] to have the same
behavior as GNU but LLVM developers pointed out that GNU implementation is
thought to have a security issue:
https://sourceware.org/bugzilla/show_bug.cgi?id=26945
We have modified the LLVM patch to avoid chown on the final file and rather
do it on the temporary file but I am not sure if that will be enough to
placate the llvm devs.

What does everyone think of modifying usages of calls to strip and objcopy
inside estrip so that file ownership is manually restored. e.g.

owner=$(stat -c %U "${file}")
group=$(stat -c %G "${file}")
strip "${file}"
chown "${owner}:${group}" "${file}"

[1] https://devmanual.gentoo.org/function-reference/install-functions/
[2] https://gitweb.gentoo.org/proj/portage.git/tree/bin/estrip
[3] https://reviews.llvm.org/D93881

Thanks,
Manoj
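
The save/strip/restore sequence proposed in the message, written out as an added example that is not part of the original post or of portage's estrip. The helper name `strip_keep_owner` is hypothetical; it assumes GNU `stat` and a tree that other users cannot modify while it runs, and it also restores the mode, which the message does not mention.

```shell
#!/bin/sh
# strip_keep_owner TOOL FILE [TOOL-ARGS...]
# Hypothetical helper (not from bin/estrip): run a strip/objcopy-like TOOL on
# FILE and put back the numeric owner, group and mode recorded beforehand.
strip_keep_owner() {
    tool=$1 file=$2
    shift 2

    # Only plain files: never follow a symlink when restoring ownership.
    if [ -L "$file" ] || [ ! -f "$file" ]; then
        echo "strip_keep_owner: not a regular file: $file" >&2
        return 1
    fi

    # GNU stat: numeric ids survive a missing passwd/group entry; %a is the octal mode.
    ids=$(stat -c '%u:%g' -- "$file") || return 1
    mode=$(stat -c '%a' -- "$file") || return 1

    "$tool" "$@" "$file" || return 1

    # The tool may have replaced FILE with a new inode; re-check before touching it.
    if [ -L "$file" ] || [ ! -f "$file" ]; then
        echo "strip_keep_owner: $file changed type during strip" >&2
        return 1
    fi

    # chown first: on Linux it clears setuid/setgid bits, so chmod must come last.
    if [ "$(stat -c '%u:%g' -- "$file")" != "$ids" ]; then
        chown -h -- "$ids" "$file" || return 1
    fi
    chmod -- "$mode" "$file"
}
```

Example call: `strip_keep_owner llvm-strip "${file}" --strip-unneeded`. The type re-check narrows but does not close the window between the tool finishing and the `chown`, which is why the tree must not be writable by other users.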
