[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#58640: wrapper does not handle fakeroot well

On Wed, Feb 23, 2000 at 03:44:00PM +0200, Fabrizio Polacco wrote:
> Excellent.
> I was writing the wrapper when you message hit my mutt.
> Find it attached.

I think you've got a little too paranoid here (understandable in the 
context of this thread ;):

/* this list is used to autenticate the program running.
 * it is fixed at compile time to avoid a full class of
 * dangers ...

This wrapper isn't going to be set(u|g)id, so you can forget all the 
euid tests and stuff. All it does is chain to another program, which 
the user could just as legitimately run directly. It doesn't need to 
do paranoid checks (and is rather simpler without them). 

> I tryed to make a quite general one, with a fixed table of programs that
> can be run trhough it (just hardlink it).
> Maybe this wrapper can be moved to a more general package and have man
> hardlink to it?

Maybe there should be a symlink farm, /usr/lib/setuid-wrappered/ or 
something, with symlinks like

man -> /usr/lib/man-db/man
mandb -> /usr/lib/man-db/mandb
uucp -> (maybe)
ppp -> (maybe)
others perhaps

and this program could just look for the right link. There's no need to 
hard code the table then, and packages can just drop links in to extend it. 
Anyway this is only speculative, for now only man will need it.

One bug I just thought of in my submission, it will break man -l for root. 
We'll have to drop the chdir.


Reply to: