Gentoo Archives: gentoo-dev

From: Mike Frysinger <vapier@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] Re: glibc: pt_chown setuid going away by default
Date: Fri, 12 Apr 2013 20:03:46
Message-Id: 201304121605.13008.vapier@gentoo.org
In Reply to: [gentoo-dev] Re: glibc: pt_chown setuid going away by default by Duncan <1i5t5.duncan@cox.net>
1 On Thursday 11 April 2013 22:19:40 Duncan wrote:
2 > Mike Frysinger posted on Thu, 11 Apr 2013 12:49:00 -0400 as excerpted:
3 > > On Thursday 11 April 2013 11:43:59 James Cloos wrote:
4 > >> >>>>> "MF" == Mike Frysinger <vapier@g.o> writes:
5 > >> MF> this should impact very few (if any)
6 > >> MF> users, so i don't think a news item makes sense.
7 > >>
8 > >> It will impact everyone who has /dev/pts in fstab(5).
9 > >
10 > > don't do that. delete the line.
11 >
12 > I wonder if I added my devpts fstab entry (if as you say it wasn't an
13 > automated add) some time ago, when there was some security related hubbub
14 > over it, as significantly, my fstab entry has nosuid, noexec, while the
15 > default for it in /etc/init.d/devfs does not.
16 >
17 > My fstab devpts entry also has noauto, but that's likely simply due to it
18 > being an fstab entry...
19 >
20 > Regardless, that's at least two gentooers with installations dating from
21 > the early 00s that have reported having the (GID-less) entry in fstab
22 > now, so I strongly suspect it's going to affect more users, at least long-
23 > time users, than you thought. It may in fact affect the majority of
24 > users from that era... anyone who hasn't manually removed that entry from
25 > fstab over the years.
26 >
27 > You mention it wasn't in the old baselayout/openrc tarballs. What about
28 > the early stages? Perhaps that's where it came from? Anyone with 2004.x
29 > vintage stage tarballs around to check?
30
31 stages get their files from baselayout/openrc. they don't generate them
32 themselves.
33
34 Robin found even older baselayout releases for me. baselayout-1.8.6.12
35 (released Nov 2011) and newer don't contain any mention of devpts.
36
37 i don't know about 2004 releases, but i have stage tarballs i built in Oct
38 2005 using gcc-2.95 and they're exactly what i expect -- they match the
39 baselayout install.
40 -mike

Attachments

File name MIME type
signature.asc application/pgp-signature