Bug#644883: libreoffice-core: creates hidden file in /usr

To: 644883@bugs.debian.org
Subject: Bug#644883: libreoffice-core: creates hidden file in /usr
From: Michael Gilbert <michael.s.gilbert@gmail.com>
Date: Mon, 10 Oct 2011 14:54:27 -0400
Message-id: <[🔎] 20111010145427.f2a9f061ce6ac78bf311e122@gmail.com>
Reply-to: Michael Gilbert <michael.s.gilbert@gmail.com>, 644883@bugs.debian.org
In-reply-to: <[🔎] 20111010110527.GG1595@rene-engelhard.de>
References: <[🔎] 20111010003045.c7dbf684056dcdac453b1362@gmail.com> <[🔎] 20111010065807.GF1595@rene-engelhard.de> <[🔎] 20111010110527.GG1595@rene-engelhard.de>

Rene Engelhard wrote:

> severity 644883 minor
> tag 644883 + wontfix
> thanks
> 
> On Mon, Oct 10, 2011 at 08:58:07AM +0200, Rene Engelhard wrote:
> > On Mon, Oct 10, 2011 at 12:30:45AM -0400, Michael Gilbert wrote:
> > > libreoffice has a hidden file in /usr, which is flagged as suspicious
> > > by chkrootkit.  See /usr/lib/libreoffice/basis3.4/program/.services.rdb.
> > > There is also /usr/lib/libreoffice/basis3.4/program/services.rdb, which
> > > looks similar, but differs.
> > 
> > And the latter is created from the former.
> 
> To be precide: here:
> 
> http://anonscm.debian.org/gitweb/?p=pkg-openoffice/libreoffice.git;a=blob;f=shell-lib-components.sh;h=c08751cd0584bcf1758a83d9a20eb69e4000d125;hb=HEAD:
> 
>   44 update_services_rdb() {
>   45         if [ -f /@OOBASISDIR@/program/.services.rdb ]; then
>   46                 echo "Updating services.rdb..."
>   47                 rdb="`echo /@OOBASISDIR@/program | sed -e s/usr/var/`/services.rdb"
>   48                 if [ -d /@OOBASISDIR@/registered-components ]; then
>   49                         cat /@OOBASISDIR@/program/.services.rdb \
>   50                                 | sed -e "s#</components>##" \
>   51                                 > $rdb
>   52                         for c in /@OOBASISDIR@/registered-components/*.component; do \
>   53                                 tail -n 1 $c \
>   54                                 | sed -e 's#<component xmlns="http://openoffice.org/2010/uno-components"#<component#'\
>   55                                 >> $rdb; \
>   56                         done
>   57                         perl -pi -e "s/\n//" $rdb
>   58                         sed -i 's#$#</components>#' $rdb
>   59                 else
>   60                         cp /@OOBASISDIR@/program/.services.rdb $rdb
>   61                 fi
>   62                 echo "done."
>   63         fi
>   64 }
> 
> to register some optional components in the "registry" file. .services.rdb
> is the "origiaal" files in LibO without them and services.rdb ais that +
> eventually installed optional stuff.
> 
> > This ia a bug why?
> 
> This still holds. Just because chkrootkit warns? No, don't believe that.
> And if you  don't like this, propose something else.

Because it produces a false positive in security auditing tools, and
that will unnecessarily worry less savvy users.  Also, it is very
non-standard and unexpected behavior to find hidden files outside
of /home that you had not explicitly created yourself.

Why can't it be called services.rdb.orig, services.rdb.upstream,
services.rdb.default, or something more useful/descriptive and not
hidden?

If that seems ok, I will create a patch and remove the wontfix.

Best wishes,
Mike

Reply to:

Follow-Ups:
- Bug#644883: libreoffice-core: creates hidden file in /usr
  - From: Rene Engelhard <rene@debian.org>

References:
- Bug#644883: libreoffice-core: creates hidden file in /usr
  - From: Michael Gilbert <michael.s.gilbert@gmail.com>
- Bug#644883: libreoffice-core: creates hidden file in /usr
  - From: Rene Engelhard <rene@debian.org>
- Bug#644883: libreoffice-core: creates hidden file in /usr
  - From: Rene Engelhard <rene@debian.org>

Prev by Date: Bug#641412: libreoffice: bug reproduced
Next by Date: Bug#641412: libreoffice: bug reproduced
Previous by thread: Processed: Re: Bug#644883: libreoffice-core: creates hidden file in /usr
Next by thread: Bug#644883: libreoffice-core: creates hidden file in /usr
Index(es):
- Date
- Thread