
Bug#533618: [collection/strings] fails on setuid/setgid/sticky files when run as root



Package: lintian
Version: 2.2.10
Severity: normal
Tags: patch

Hi,

Thanks a lot for working on lintian!

In version 2.2.10, the list of files examined by collection/strings was
limited to those containing ":<whitespace>ELF" to avoid false positives.
However, this kind of fails on packages containing setuid, setgid, or
sticky binaries *only when the lintian test is run as root*.

Of course, I realize that running lintian as root is discouraged, but
that's what pbuilder does by default, and IMHO there's no harm in
supporting it with a simple change such as the following patch :)
I'm reporting the bug against lintian-2.2.10 in squeeze, but it is also
present (and the patch is against) unstable's 2.2.12.  I hope that
this bug won't prevent the migration of 2.2.12 to squeeze, which would
be desirable because of the support for Policy 3.8.2 :>

Keep up the good work!

G'luck,
Peter

*** strings-on-setid-files.patch
Fix strings run as root on setuid, setgid, or sticky executables.

diff -urN lintian-2.2.12/collection/strings lintian-2.2.12-roam/collection/strings
--- lintian-2.2.12/collection/strings	2009-06-19 03:22:54.000000000 +0300
+++ lintian-2.2.12-roam/collection/strings	2009-06-19 13:01:40.000000000 +0300
@@ -27,7 +27,7 @@
 [ ! -f elf-index ] || rm -f elf-index
 exec >elf-index
 
-for bin in $(sed -rn 's/:\s+\bELF\b.+$//g;T;p' file-info); do
+for bin in $(sed -rn 's/:\s+((set[ug]id|sticky)\s+)*\bELF\b.+$//g;T;p' file-info); do
     echo "$bin"
     case $bin in
       /usr/lib/debug/*)
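Review bot: the new alternation `((set[ug]id|sticky)\s+)*` on the `for bin in` line hard-codes three prefix words with no comment saying where they come from or why they can precede `ELF`. A one-line comment above the loop would keep the next reader from simplifying the pattern back to its old form. A test package that ships a setuid binary would catch a regression. Two smaller points on the same line: the group is only used for repetition, and the `g` flag does nothing once `.+$` has consumed the rest of the line, so both can be dropped. Independently of this change, the unquoted `$(sed ...)` still word-splits its output, so a path containing whitespace reaches `echo "$bin"` in pieces; reading the sed output with `while read -r bin` would avoid that.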


-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (990, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores)
Locale: LANG=bg_BG.UTF-8, LC_CTYPE=bg_BG.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages lintian depends on:
ii  binutils               2.19.1-1          The GNU assembler, linker and bina
ii  diffstat               1.47-1            produces graph of changes introduc
ii  dpkg-dev               1.15.2            Debian package development tools
ii  file                   5.03-1            Determines file type using "magic"
ii  gettext                0.17-6            GNU Internationalization utilities
ii  intltool-debian        0.35.0+20060710.1 Help i18n of RFC822 compliant conf
ii  libipc-run-perl        0.82-1            Perl module for running processes
ii  libparse-debianchangel 1.1.1-2           parse Debian changelogs and output
ii  libtimedate-perl       1.1600-9          Time and date functions for Perl
ii  liburi-perl            1.37+dfsg-1       Manipulates and accesses URI strin
ii  man-db                 2.5.5-2           on-line manual pager
ii  perl [libdigest-sha-pe 5.10.0-23         Larry Wall's Practical Extraction 

lintian recommends no packages.

Versions of packages lintian suggests:
ii  binutils-multiarch            2.19.1-1   Binary utilities that support mult
ii  libtext-template-perl         1.45-1     Text::Template perl module
ii  man-db                        2.5.5-2    on-line manual pager

-- no debconf information
