guix-devel

Re: TOCTTOU race


From: Maxime Devos
Subject: Re: TOCTTOU race
Date: Mon, 22 Feb 2021 20:13:05 +0100
User-agent: Evolution 3.34.2

Hi,

On Mon, 2021-02-22 at 09:54 +0100, Ludovic Courtès wrote:
> [...]
> > Subject: [PATCH] services: prevent following symlinks during activation
>                              ^
> Nitpick: we usually capitalize here and in the commit log.

Fixed!  Also added a period at the end.

> Perhaps add a couple of lines explaining that this fixes a potential
> security issue, with a link to this thread.

Done.  But since ....

> > Currently, there's a TOCTTOU race.  This can be addressed
> > once guile has bindings for fstatat, openat and friends.

... I only claim it's a partial fix at best in the commit message.

> I’d move that comment next to the ‘mkdir-p/perms’ definition.

I copied it there, but left it (reworded slightly) in the commit
message, to avoid giving a false impression the potential security issue
is really fixed.

> > * guix/build/service-utils.scm: new module
> >   with new procedure 'mkdir-p/perms'.
> 
> I think you can remove these lines.

I removed the ‘Makefile.am’ and ‘guix/build/service-utils.scm’
lines which aren't relevant anymore, but kept the other lines.

Is all addressed now? (Aside from the TOCTTOU.)

Maxime.

Attachment: 0001-services-Prevent-following-symlinks-during-activatio.patch
Description: Text Data

Attachment: signature.asc
Description: This is a digitally signed message part
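
The message says the TOCTTOU race can be addressed with `openat`, `fstatat` and friends. The sketch below is an added example of that descriptor-relative approach. It is not the attached patch or Guix code, and it is written in Python because the message says Guile lacked the bindings at the time. The signature of `mkdir_p_perms`, the `demo` helper and the directory names are assumptions made for illustration.

```python
import os
import stat
import tempfile

# O_NOFOLLOW refuses a symlink as the final component; O_DIRECTORY refuses non-directories.
_DIR_FLAGS = os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW | os.O_CLOEXEC


def mkdir_p_perms(base, relpath, uid, gid, mode):
    """Create RELPATH below the trusted directory BASE one component at a
    time, then set owner and mode on the last directory via its descriptor."""
    parts = [p for p in relpath.split("/") if p]
    if not parts or any(p in (".", "..") for p in parts):
        raise ValueError("relpath must name at least one plain component")
    dirfd = os.open(base, os.O_RDONLY | os.O_DIRECTORY | os.O_CLOEXEC)
    try:
        for name in parts:
            try:
                os.mkdir(name, 0o755, dir_fd=dirfd)  # mkdirat(2)
            except FileExistsError:
                pass  # could be a directory, a symlink or a file: the open decides
            # openat(2) relative to the parent already held open, so swapping an
            # earlier component for a symlink cannot redirect this step.
            child = os.open(name, _DIR_FLAGS, dir_fd=dirfd)
            os.close(dirfd)
            dirfd = child
        # fchown/fchmod act on the opened inode, not on a path resolved again.
        os.fchown(dirfd, uid, gid)
        os.fchmod(dirfd, mode)
        return stat.S_IMODE(os.fstat(dirfd).st_mode)
    finally:
        os.close(dirfd)


def demo():
    """Constructed scenario: state/run is a planted symlink to another directory."""
    with tempfile.TemporaryDirectory() as top:
        os.makedirs(os.path.join(top, "state"))
        victim = os.path.join(top, "victim")
        os.mkdir(victim, 0o700)
        os.symlink(victim, os.path.join(top, "state", "run"))
        me = (os.getuid(), os.getgid())
        ok = mkdir_p_perms(top, "state/lib/svc", *me, 0o750)
        try:
            mkdir_p_perms(top, "state/run/svc", *me, 0o777)
            refused = False
        except OSError:  # ENOTDIR or ELOOP, depending on the platform
            refused = True
        return ok, refused, os.listdir(victim)
```

Because each step is resolved against a descriptor for the parent and the final `fchown`/`fchmod` use the descriptor too, there is no window between checking a path and acting on it.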

