Re: Crypto consolidation in debian ?

[Steve Langasek <vorlon@debian.org>]

On Thu, Apr 28, 2011 at 03:09:48PM +0200, Simon Josefsson wrote:
> Roger Leigh <rleigh@codelibre.net> writes:

> > libgcrypt has some horrendous bugs which upstream refuse to fix,
> > for example the broken behaviour relating to setuid binaries
> > discussed previously here, and the hard coded behaviour which
> > makes it unsuitable for use in general programs.  See
> >
> > "libgcrypt brain dead?"
> > 3c5cf5261003081534s5202413dw4d93c80db1a30150@mail.gmail.com

> > Until these major issues are fixed, it's simply unusable.

> It appears to be usable by a lot of projects and people, so that seems
> like an exaggeration.  If I have understood Werner correctly, he
> believes that it is the setuid binaries that are broken and should be
> fixed.

As a comaintainer of openldap, which links to gnutls in Debian for license
reasons, I need to vehemently echo Roger here.  sudo most certainly isn't
broken for being setuid, and libgcrypt should definitely not be ripping its
suid privs out from under it, yet this is what happens if using nss_ldap
with an SSL-using LDAP server.

  http://bugs.debian.org/566351
  https://bugs.launchpad.net/bugs/423252

Changing the uid of the calling application is *not* an acceptable side
effect for a library and I can't imagine how anyone could believe that it
is.  Unfortunately that seems to leave nss_ldap caught between an SSL
implementation with a perverse license, and an SSL implementation whose
upstream has perverse ideas about library handling of process state.

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek@ubuntu.com                                     vorlon@debian.org