[Bug 219606] aarch64: libarchive.so.6 not present, libarchive.so not equivalent @ 318898
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun May 28 04:17:44 UTC 2017
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219606
Bug ID: 219606
Summary: aarch64: libarchive.so.6 not present, libarchive.so
not equivalent @ 318898
Product: Base System
Version: CURRENT
Hardware: arm64
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: bin
Assignee: freebsd-bugs at FreeBSD.org
Reporter: prj at rootwyrm.com
This appears to be an ino64 related issue. /usr/lib/libarchive.so.6 is missing
on RaspBSD builds @ 318898. This would not be a big deal but
/usr/lib/libarchive.so is NOT equivalent. This causes unexpected breakage on
arm64-aarch64, even with COMPAT_FREEBSD11 in the kernel. (I'm still in the
process of validating this, but brd@ can probably confirm if GENERIC aligns
before my RPi3 builds kernel.)
This causes the recommended use of 'ABI = "FreeBSD:11:aarch64";' in pkg.conf to
introduce explicitly dangerous breakage for incautious users. Specifically,
permissions are incorrect and may result in sensitive files being set
world-writable.
Here is a demonstration using an 11.0-RELEASE built shells/bash (for maximum
"oh, this really IS that bad") installed with pkg and built on 11.0-RELEASE
arm64-aarch64.
root at skyhorn:~ # ls -l /usr/lib/libarchive.so*
lrwxr-xr-x 1 root wheel 15 May 25 17:08 /usr/lib/libarchive.so ->
libarchive.so.7
lrwxr-xr-x 1 root wheel 22 May 27 22:14 /usr/lib/libarchive.so.6 ->
/usr/lib/libarchive.so
-r--r--r-- 1 root wheel 804776 May 25 17:08 /usr/lib/libarchive.so.7
root at skyhorn:~ # ls -l /usr/local/bin/bash
---xr---w- 1 root wheel 956472 Dec 31 1969 /usr/local/bin/bash
Yes. That is a *world-writable* bash. Breakage persists if libarchive.so.6 is a
symlink to libarchive.so.7 - so it's not shimming.
root at skyhorn:~ # ls -al /usr/local/bin/bash
------x--x 1 root wheel 956472 Dec 31 1969 /usr/local/bin/bash
So attributes are still very wrong.
This behavior is not fully predictable and impacts *all* ports. Meaning, any
file in any port could be left world-writable. Inflicting this behavior is
trivial and no warnings are produced, so some form of protection is desperately
needed.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list