FW: ports/116222: editors/emacs: files installed with wrong owner
Giorgos Keramidas
keramida at freebsd.org
Tue Jan 15 23:10:51 PST 2008
Hi ports fellows,
As part of the investigation for ports/116222 we found that installing
a port after a plain `su' may install files with the wrong uid:gid.
As you can see from the snippets quoted below from the PR trail, the
problem goes away if one uses `su -' to install ports.
% Date: Sun, 9 Sep 2007 08:32:57 GMT
% Message-Id: <200709090832.l898WvHW053413 at www.freebsd.org>
% From: Nate Eldredge <neldredge at ucsd.edu>
% Subject: ports/116222: editors/emacs: files installed with wrong owner
% To: freebsd-gnats-submit at FreeBSD.org
%
% >Number: 116222
% >Category: ports
% >Synopsis: editors/emacs: files installed with wrong owner
% [...]
% # ls -l /usr/local/share/emacs/22.1/
% total 22
% drwxr-xr-x 5 nate wheel 3072 Sep 9 01:19 etc
% drwxr-xr-x 4 root wheel 512 Sep 9 01:19 leim
% drwxr-xr-x 20 nate wheel 12800 Sep 9 01:19 lisp
% drwxr-xr-x 2 root wheel 512 Sep 9 01:19 site-lisp
%
% The contents of etc/ and lisp/ are likewise owned by nate.
%
% You might consider this a security problem, since now "nate" can tweak
% the lisp files and cause everyones' emacs to do funny things. Of course
% in this case, "nate" was able to su to root anyway, but you could
% imagine scenarios where this isn't the case.
% From: Giorgos Keramidas <keramida at freebsd.org>
% To: Nate Eldredge <neldredge at ucsd.edu>
% Cc: freebsd-gnats-submit at freebsd.org
% Subject: ports/116222: Re: ports/116222: editors/emacs: files installed with wrong owner
% Date: Thu, 27 Sep 2007 19:14:43 +0300
%
% Can you try using "su -" to install the port? There's nothing special
% about editors/emacs in the way the files are copied to `/usr/local', but
% it uses tar(1) to copy files in `/usr/local'. This means that when the
% files are copied, tar(1) tries to preserve the owner and/or group of the
% original files.
% From: Nate Eldredge <neldredge at math.ucsd.edu>
% To: Giorgos Keramidas <keramida at freebsd.org>
% Cc: freebsd-gnats-submit at freebsd.org
% Subject: ports/116222: Re: ports/116222: editors/emacs: files installed with wrong owner
% Date: Thu, 27 Sep 2007 11:10:16 -0700 (PDT)
%
% That fixes it, but I agree it should not be necessary.
% Thanks for looking at this.
Is there any way to make sure this does not happen, or do we generally
suggest installing ports only from `su -' sessions?
The real question about the PR is, should editors/emacs and emacs-devel
be patched to install the files with the correct permissions, or is this
something we don't really care to install as a workaround?
- Giorgos
More information about the freebsd-ports
mailing list