Gentoo Archives: gentoo-dev

From: Fangrui Song <maskray@××××××.com>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] Re: portage reliance on GNU objcopy ownership perseverance behavior in strip
Date: Wed, 10 Feb 2021 02:27:14
Message-Id: 20210210022707.2wi7apamnza5f32o@google.com
In Reply to: Re: [gentoo-dev] Re: portage reliance on GNU objcopy ownership perseverance behavior in strip by Michael Orlitzky
On 2021-02-09, Michael Orlitzky wrote:
>On Tue, 2021-02-09 at 17:53 -0800, Fāng-ruì Sòng wrote:
>> (I replied via https://groups.google.com/g/linux.gentoo.dev/c/WG-OLQe3yng
>> "Reply all" (which only replied to the list AFAICT) but I did not
>> subscribe to gentoo-dev via the official
>> https://www.gentoo.org/get-involved/mailing-lists/ so my reply is
>> missing)
>>
>
>Apologies for hijacking your post with a tangential question, but you
>reminded me to ask: how did you notice this problem? Ultimately all
>system executables (in $PATH) should be owned by (and writable only by)
>root anyway; otherwise you get silly security vulnerabilities like "cat
>~/virus > /usr/bin/foo" as a regular user.
>

Context: both `strip a` and `llvm-strip a` create a temporary file.
`strip a` does additional chown(2) (instead of fchown!) with a long list
of hardening-style checks. Due to how the code is organized, passing a
file description around can be difficult for binutils.

Jian Cai reported the problem that `sudo llvm-strip a` does not restore
the original filename. I played with `strip a` and `strip a -o b` a bit
and noticed that chown(2) is only called in these cases:

* (under root) strip a
* (under root) strip a -o a

not in these cases:

* strip a -o b
* strip a -o ./a

---

From my side, I want llvm-objcopy/llvm-strip to have simple and consistent rules,
smaller platform differences. Why does strip need to behave differently
with or without root permission, when the target file has one hard link
or more, on Linux than on other OSes?

The driving reason is that distributions require such `strip a` behavior.
Arch Linux has moved away. If Gentoo Linux can move away, llvm-objcopy
can keep its current simpler behavior.

---

I think Arch Linux did this:

```
fakeroot
# create an executable owned by bin
strip exe # still owned by bin
tar cf package.tar exe # record the owner
exit

tar xf package.tar -C somewhere
```