Date: Fri, 2 Feb 2024 13:42:24 +1100
From: Tim Cuthbertson <tim@...monk.net>
To: Rich Felker <dalias@...c.org>
Cc: musl@...ts.openwall.com
Subject: Re: Bug: installed symlinks are unreadable on MacOS

Ah that makes sense, attached an updated patch. I don't know whether the
`umask 077` after making the symlink is strictly necessary but it might
avoid nasty surprises later on in the script.

Cheers,
- Tim

On Thu, 1 Feb 2024 at 10:32, Rich Felker <dalias@...c.org> wrote:

> On Thu, Feb 01, 2024 at 09:39:56AM +1100, Tim Cuthbertson wrote:
> > Yeah, setting it to `chmod 000` in just the symlink branch seems good to me
> > too.
> >
> > Looking at the script more closely, `mode` is always set and so I'm unclear
> > why there is also a `umask 077` at all. Whatever permissions we create the
> > file with, we `chmod` it explicitly before doing anything else.
> >
> > Is that line just there to undo the potential change to `umask` in the
> > mkdirp branch? If so, maybe that should be done explicitly by capturing the
> > old umask? e.g:
>
> No, it's so that the install.sh never exposes a file to users who
> should not have access to it via the existing umask being more
> permissive than the requested install mode. Normally this does not
> matter for use as part of musl's install process, but the script is
> written to be general and not have security bugs like that.
>
> Rich
>

Download attachment "musl-chmod.patch" of type "application/octet-stream" (536 bytes)
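
The point Rich makes in the quoted reply, as an added example that is not part of the thread, the attached patch, or musl's install.sh: a file created under a permissive umask is readable by others until the later `chmod` runs, while creating it under `umask 077` closes that window. The function names and temporary paths are hypothetical, and the symlink branch assumes the fix discussed above (relax the umask only while the link is created).

```shell
#!/bin/sh
# Added illustration; all names here are hypothetical, not taken from install.sh.

# Permission string (e.g. -rw-r--r--) of a path, without following symlinks.
perm_of() { ls -ld "$1" | cut -c1-10; }

# Mode a new file carries at the instant of creation under the given umask,
# i.e. what other users could already read before any chmod runs.
mode_at_creation() {
    (
        umask "$1"
        d=$(mktemp -d) || exit 1
        : > "$d/f"
        perm_of "$d/f"
        rm -rf "$d"
    )
}

# install_file SRC DEST MODE
# Write the data under umask 077 so it is never more exposed than owner-only,
# chmod to the requested mode, then rename into place.
install_file() {
    (
        umask 077
        tmp="$2.tmp.$$"
        cat < "$1" > "$tmp" && chmod "$3" "$tmp" && mv -f "$tmp" "$2"
    )
}

# install_symlink TARGET DEST
# A symlink holds only a path, not file contents. On platforms that honour
# symlink permission bits (macOS, per this thread's subject), a link made
# under umask 077 is unreadable to other users, so relax the umask for the
# ln call only. The subshell keeps the caller's umask untouched.
install_symlink() {
    ( umask 000; ln -sf "$1" "$2" )
}

# Demo: the exposure window under a typical umask versus umask 077.
echo "created under umask 022: $(mode_at_creation 022)"
echo "created under umask 077: $(mode_at_creation 077)"
```

Running the symlink step in a subshell is one way to avoid needing a second `umask 077` afterwards, since the relaxed value never reaches the rest of the script.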
