1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA512 |
3 |
|
4 |
On 01/08/2015 02:23 AM, Daniel Campbell wrote: |
5 |
> On 01/07/2015 04:19 PM, Jonathan Callen wrote: |
6 |
>> On 01/07/2015 12:15 PM, Matt Turner wrote: |
7 |
>>> On Wed, Jan 7, 2015 at 7:57 AM, William Hubbs |
8 |
>>> <williamh@g.o> wrote: |
9 |
>>>> On Wed, Jan 07, 2015 at 06:49:56AM -0500, Philip Webb wrote: |
10 |
>>>>> 150106 William Hubbs wrote: This one is perfectly safe on a |
11 |
>>>>> single-user system : please leave it there. |
12 |
>>>> |
13 |
>>>> I'm not opposed to it staying in the tree under one of these |
14 |
>>>> conditions: |
15 |
>>>> |
16 |
>>>> 1) fix it and remove the mask |
17 |
>>>> |
18 |
>>>> or |
19 |
>>>> |
20 |
>>>> 2) remove the mask and add ewarns to the ebuild |
21 |
> |
22 |
>>> Remove the mask that people have to see and actively disable in |
23 |
>>> order to install the software and replace it with ewarn |
24 |
>>> messages that they likely won't read? |
25 |
> |
26 |
>>> I don't see the problem with versions with security |
27 |
>>> vulnerabilities masked in the tree. nethack in particular has |
28 |
>>> been masked in the tree since 2006, so we have some |
29 |
>>> precedence. |
30 |
> |
31 |
> |
32 |
> |
33 |
>> The only reason there is a security issue with nethack (and other |
34 |
>> games like it) on Gentoo, and only on Gentoo, is that the games |
35 |
>> team policy requires that all games have permissions 0750, with |
36 |
>> group "games", and all users that should be allowed to run |
37 |
>> games be in the "games" group. Nethack expects that it have |
38 |
>> permissions 2755 (or 2711), with group "games" and that *no* |
39 |
>> users are members of that group, so it can securely save files |
40 |
>> that are accessible to all users during gameplay ("bones" files) |
41 |
>> and ensure that the user cannot access/change their current save |
42 |
>> file. These two expectations are incompatible with each other, |
43 |
>> and end up creating a security issue that upstream would never |
44 |
>> expect (as no users can be in the "games" group traditionally). |
45 |
> |
46 |
> |
47 |
> |
48 |
> Is Nethack's group expectation hard-coded? If not, then what's |
49 |
> stopping nethack from using another, self-made group (like |
50 |
> 'nethack') to arbitrate the bones files? |
51 |
> |
52 |
> If it *is* hard-coded, then can we produce a (hopefully simple) |
53 |
> patch? |
54 |
> |
55 |
> |
56 |
|
57 |
The problem was that you could not have the game setgid to "nethack" |
58 |
*and* only executable by people in group "games" at the same time, as |
59 |
they both require setting the group of the executable in order to |
60 |
enforce the policy, and a file can only have one group (not counting |
61 |
ACLs, which are not always supported). |
62 |
|
63 |
As it is no longer required to follow the games team policy, the issue |
64 |
can now be fixed by *not* using the "games" group for nethack. |
65 |
|
66 |
- -- |
67 |
Jonathan Callen |
68 |
-----BEGIN PGP SIGNATURE----- |
69 |
Version: GnuPG v2 |
70 |
|
71 |
iQIcBAEBCgAGBQJUrzrwAAoJELHSF2kinlg4IQsP/3gdF1OxDh0tOdqxd45tL4G+ |
72 |
1avsJ2x1+mVWM5hi2kYx3ZG3SIAOPqJdqVrFf+WozzAjDVC7Sd6WPs//E9i630HW |
73 |
72O8zvO1s4CpqBrsu5Yb8BuhUHzcc4HO/3hE5rex7uhsOpPVqr96LdKtPJ74qFOH |
74 |
T8aL/qk46HPCEc3Dg+lKVYDnhNKfThmjq3bx2NKFFgN3VaPOEc4IUs/NCkj/PzIt |
75 |
UlgqwpD343qC+21xyboXVhIKeIyaaDZC2nwf/F92hhI2Xdcc9aw99O6S3mAuw1Xh |
76 |
YDS3XN/4EvSMgSnCMC++S0LAT7nVkbghdhUh3R92UwJQoQcDzxOR6dEBrU7zjy++ |
77 |
L8c3A8gM8SfmtpwjqH2JwWF9AZ29SwVM1VtBus9EiREV0mthFC/Owz7Xfalj6VsS |
78 |
u24hZn6NCRZ97FkOeX+GhAzAKLJHftLZW/ElgiFNwKFGA8qIjc4KIcc7Wg6opnDU |
79 |
y4zV1f3YnUgS/4eMZxW4gcRoDTMSiPo1K5I2lSYC5Q9pId4Y3XvrjBkh5i6LA7Cc |
80 |
2Pb3X4ZmWXvzm9p20kk6/SNp3qj6S/DnflWwWYmVnw4Le+Fa3+wlyS49yhL2/Aoa |
81 |
nLtfHlgSZkKY6rLpa9swNKiVmYEu1PxdYDB2nlGfTn8nUiwyszRGpiai0ABwEWnR |
82 |
NL9n1n5H6PTVOhElIKF2 |
83 |
=Mc9p |
84 |
-----END PGP SIGNATURE----- |