Bug#670993: busybox: Please use dpkg-buildflags for hardening support

To: Michael Tokarev <mjt@tls.msk.ru>
Cc: Bastian Blank <waldi@debian.org>, Steve Langasek <steve.langasek@canonical.com>, 670993@bugs.debian.org
Subject: Bug#670993: busybox: Please use dpkg-buildflags for hardening support
From: Jonathan Nieder <jrnieder@gmail.com>
Date: Mon, 14 May 2012 14:34:45 -0500
Message-id: <[🔎] 20120514193445.GB13335@burratino>
Reply-to: Jonathan Nieder <jrnieder@gmail.com>, 670993@bugs.debian.org
In-reply-to: <[🔎] 4FB15BA6.2010104@msgid.tls.msk.ru>
References: <[🔎] 20120501042324.11070.64034.reportbug@virgil.dodds.net> <[🔎] 4F9F7A4A.1000002@msgid.tls.msk.ru> <[🔎] 20120501060038.GB6076@virgil.dodds.net> <[🔎] 20120502123930.GA22324@wavehammer.waldi.eu.org> <[🔎] 4FA1340E.1040504@msgid.tls.msk.ru> <[🔎] 20120514191335.GA13335@burratino> <[🔎] 4FB15BA6.2010104@msgid.tls.msk.ru>

Michael Tokarev wrote:

> If I were upstream I'd reject this approach.

Oh, sorry for the lack of clarity.  I'm personally fine with leaving
these warnings unaddressed.  (Debian doesn't use busybox's selinux
support as far as I can tell.)  My only goal was to convey that there
are at least three options:

 - annotating calls where the argument happens not to contain a %
   sign, in a safe way so that the program is not broken if that
   assumption stops holding.  When using printf-like functions in C,
   this is spelled as f("%s", str).

 - using an alternative function for the unformatted case

 - making bb_msg_* into string literals

You've mentioned that you don't like the first of those three options,
and that interested people should pursue this directly with upstream.
Sounds reasonable to me.

[...]
> The stat -Z case is a real bug however, and should be fixed
> spearately.  But this is - IMHO - a different story.

It's the same story.  The way to prevent the same problem from
happening again is to occasionally look through the warnings
-Wformat-security emits, something people are much more likely to do
if there are not many of them.

Thanks,
Jonathan

Reply to:

References:
- Bug#670993: busybox: Please use dpkg-buildflags for hardening support
  - From: Steve Langasek <steve.langasek@canonical.com>
- Bug#670993: busybox: Please use dpkg-buildflags for hardening support
  - From: Michael Tokarev <mjt@tls.msk.ru>
- Bug#670993: busybox: Please use dpkg-buildflags for hardening support
  - From: Steve Langasek <steve.langasek@canonical.com>
- Bug#670993: busybox: Please use dpkg-buildflags for hardening support
  - From: Bastian Blank <waldi@debian.org>
- Bug#670993: busybox: Please use dpkg-buildflags for hardening support
  - From: Michael Tokarev <mjt@tls.msk.ru>
- Bug#670993: busybox: Please use dpkg-buildflags for hardening support
  - From: Jonathan Nieder <jrnieder@gmail.com>
- Bug#670993: busybox: Please use dpkg-buildflags for hardening support
  - From: Michael Tokarev <mjt@tls.msk.ru>

Prev by Date: Bug#670993: busybox: Please use dpkg-buildflags for hardening support
Next by Date: Bug#672424: Bug#672423: task-kannada-desktop: please remove scim-tables from Depends
Previous by thread: Bug#670993: busybox: Please use dpkg-buildflags for hardening support
Next by thread: Bug#670993: marked as done (busybox: Please use dpkg-buildflags for hardening support)
Index(es):
- Date
- Thread