[Bug 219606] aarch64: libarchive.so.6 not present, libarchive.so not equivalent @ 318898

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sun May 28 04:17:44 UTC 2017 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219606

            Bug ID: 219606
           Summary: aarch64: libarchive.so.6 not present, libarchive.so
                    not equivalent @ 318898
           Product: Base System
           Version: CURRENT
          Hardware: arm64
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: bin
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: prj at rootwyrm.com

This appears to be an ino64 related issue. /usr/lib/libarchive.so.6 is missing
on RaspBSD builds @ 318898. This would not be a big deal but
/usr/lib/libarchive.so is NOT equivalent. This causes unexpected breakage on
arm64-aarch64, even with COMPAT_FREEBSD11 in the kernel. (I'm still in the
process of validating this, but brd@ can probably confirm if GENERIC aligns
before my RPi3 builds kernel.) 

This causes the recommended use of 'ABI = "FreeBSD:11:aarch64";' in pkg.conf to
introduce explicitly dangerous breakage for incautious users. Specifically,
permissions are incorrect and may result in sensitive files being set
world-writable.
Here is a demonstration using an 11.0-RELEASE built shells/bash (for maximum
"oh, this really IS that bad") installed with pkg and built on 11.0-RELEASE
arm64-aarch64.

root at skyhorn:~ # ls -l /usr/lib/libarchive.so*
lrwxr-xr-x  1 root  wheel      15 May 25 17:08 /usr/lib/libarchive.so ->
libarchive.so.7
lrwxr-xr-x  1 root  wheel      22 May 27 22:14 /usr/lib/libarchive.so.6 ->
/usr/lib/libarchive.so
-r--r--r--  1 root  wheel  804776 May 25 17:08 /usr/lib/libarchive.so.7

root at skyhorn:~ # ls -l /usr/local/bin/bash
---xr---w-  1 root  wheel  956472 Dec 31  1969 /usr/local/bin/bash

Yes. That is a *world-writable* bash. Breakage persists if libarchive.so.6 is a
symlink to libarchive.so.7 - so it's not shimming.
root at skyhorn:~ # ls -al /usr/local/bin/bash
------x--x  1 root  wheel  956472 Dec 31  1969 /usr/local/bin/bash
So attributes are still very wrong.

This behavior is not fully predictable and impacts *all* ports. Meaning, any
file in any port could be left world-writable. Inflicting this behavior is
trivial and no warnings are produced, so some form of protection is desperately
needed.

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-bugs mailing list