Insecure temporary file usage in developer/build tools

From Martin Pitt
Subject Insecure temporary file usage in developer/build tools
Date
Msg-id 20050124215749.GA3676@box79162.elkhouse.de
Replies Re: Insecure temporary file usage in developer/build tools  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-bugs
Hi PostgreSQL developers!

Debian's security audit team recently reviewed PostgreSQL for insecure
temporary file usage and found that a lot of the developer tools and
also some build tools are vulnerable against symlink attacks.

Please see

  http://bugs.debian.org/291962

for the detailed report and a proposed patch. However, the patch
mostly relies on mktemp and/or tempfile, which might not be available
on all platforms that PostgreSQL supports, so the patch should be
regarded as a pointer to the issues, not as their solution.

In many cases the usage of a temporary file is not necessary in the
first place and can be replaced by piping (as I did with
src/test/bench/perquery) or "OUTPUT=$(program args)" constructs. If
neither is possible, then the script should at least be run with "set
-o noclobber" (or "#!/bin/sh -C", which does the same).

Apart from the Debian-specific issues of the bug report (which I
already fixed), the following files were found to be vulnerable:

Used in build, fixed for Debian (see attached patch):
  postgresql-7.4.6/src/backend/catalog/genbki.sh
  postgresql-7.4.6/src/test/bench/perquery

Not shipped in the Debian package, since it is useless:
  postgresql-7.4.6/contrib/pg_upgrade/pg_upgrade

Not used anywhere in the source, not fixed in Debian package:
  postgresql-7.4.6/src/include/catalog/duplicate_oids
  postgresql-7.4.6/src/tools/ccsym
  postgresql-7.4.6/src/tools/find_static
  postgresql-7.4.6/src/tools/make_ctags
  postgresql-7.4.6/src/tools/make_etags
  postgresql-7.4.6/src/tools/pgtest
  postgresql-7.4.6/src/tools/pginclude/pgcompinclude
  postgresql-7.4.6/src/tools/pginclude/pgdefine
  postgresql-7.4.6/src/tools/pginclude/pgfixinclude
  postgresql-7.4.6/src/tools/pginclude/pgrminclude
  postgresql-7.4.6/src/tools/pgindent/pgcppindent
  postgresql-7.4.6/src/tools/pgindent/pgindent
  postgresql-7.4.6/src/tools/pgindent/pgjindent
  postgresql-7.4.6/contrib/tools/add-emacs-variables

Most of the tools are irrelevant for the sake of package building and
shipping, but they might be commonly used on PostgreSQL developers'
machines, so it might be a good idea to fix them eventually.

Thanks for considering and for your great work and have a nice day!

Martin

--
Martin Pitt                       http://www.piware.de
Ubuntu Developer            http://www.ubuntulinux.org
Debian GNU/Linux Developer       http://www.debian.org
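
Added example, not part of the message above or of the Debian patch: a self-contained check of what "set -o noclobber" changes when a predictable temporary file name already exists as a symlink. The sandbox layout, file names and function names are constructed for the demonstration, and mktemp is assumed to be available (it is used only to create the sandbox directory).

```shell
#!/bin/sh
# Added example: file names and contents below are constructed for the demo.

# Build a private sandbox in which a predictable temp-file name already
# exists as a symlink. $1 = existing (target file exists) | dangling.
setup_sandbox() {
    SANDBOX=$(mktemp -d) || return 1    # assumption: mktemp is available
    [ "$1" = dangling ] || printf 'important data\n' > "$SANDBOX/victim"
    ln -s "$SANDBOX/victim" "$SANDBOX/predictable.tmp"
}

# Pattern the report flags: plain ">" follows the symlink.
write_plain() {
    ( echo scratch > "$SANDBOX/predictable.tmp" ) 2>/dev/null
}

# Mitigation named in the post: under noclobber (sh -C) ">" fails if the
# path resolves to an existing regular file; bash and dash create a
# missing file with O_EXCL, which does not follow a dangling symlink.
write_noclobber() {
    ( set -o noclobber; echo scratch > "$SANDBOX/predictable.tmp" ) 2>/dev/null
}

# Run one writer and report the state of the symlink target afterwards:
# written (data went through the link), intact, or absent.
check_writer() {    # $1 = writer function, $2 = existing | dangling
    setup_sandbox "$2" || return 1
    "$1" || :       # a refused write is the expected outcome for noclobber
    if [ ! -e "$SANDBOX/victim" ]; then result=absent
    elif [ "$(cat "$SANDBOX/victim")" = "important data" ]; then result=intact
    else result=written
    fi
    rm -rf "$SANDBOX"
    echo "$result"
}

for kind in existing dangling; do
    for writer in write_plain write_noclobber; do
        echo "$writer, $kind symlink: target $(check_writer "$writer" "$kind")"
    done
done
```

noclobber only affects ">"; a script that appends with ">>" or forces the write with ">|" is not protected by it.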
