Bug#481601: marked as done (Debian-specific patch to Polipo: please revert)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Sat, 03 Apr 2010 18:43:44 +0000
with message-id <E1Ny8Js-0005WW-JK@ries.debian.org>
and subject line Bug#481601: fixed in polipo 1.0.4.1-1
has caused the Debian Bug report #481601,
regarding Debian-specific patch to Polipo: please revert
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
481601: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481601
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: "Denis V. Sirotkin" <fechiny@gmail.com>
• Cc: submit@bugs.debian.org
• Subject: Debian-specific patch to Polipo: please revert
• From: Juliusz Chroboczek <jch@pps.jussieu.fr>
• Date: Sat, 17 May 2008 12:07:48 +0200
• Message-id: <871w41i6q3.fsf@pirx.pps.jussieu.fr>

Package: polipo
Version: 1.0.4-1

Denis,

You apply the following patch to Debian's polipo:

++++ polipo-1.0.4/log.c
+@@ -80,7 +80,9 @@
+ 
+     if(logFile != NULL && logFile->length > 0) {
+         FILE *f;
++      mode_t mask = umask(026);
+         f = fopen(logFile->string, "a");
++      umask(mask);
+         if(f == NULL) {
+             do_log_error(L_ERROR, errno, "Couldn't open log file %s",
+                          logFile->string);
+@@ -340,7 +342,9 @@
+ {
+     if(logFile) {
+         FILE *f;
++      mode_t mask = umask(026);
+         f = fopen(logFile->string, "a");
++      umask(mask);
+         if(f == NULL) {
+             do_log_error(L_ERROR, errno, "Couldn't reopen log file %s",
+                          logFile->string);

I have thought it over, and I hereby requests that you revert this
patch.  There are just too many reasons why you should not have
applied it.

1. You did apply a patch relating to security without an explicit ack
From upstream.

I hope it is clear from the recent OpenSSL debacle why this must not
be done.

2. You did apply a patch without first trying to get it applied upstream.

You did send me the patch, but only after you applied it.  You should
only ever apply a patch *after* the patch was rejected upstream *and*
you fully understand the reasons why, and believe that these reasons
do not apply to Debian.

Sorry to beat a dead horse, but taking this approach would have
avoided the recent OpenSSL debacle.

3. You changed Polipo's behaviour without documenting it

The Debian binary of Polipo now behaves differently from the upstream
binary.  This will confuse your users and will confuse your friendly
upstream when he tries to help your users with debugging.

What is more, it will create a rather glaring security hole for anyone
who replaces his Debian binary with an upstream binary (which is
something people sometimes do, when they need a more recent version).

4. Your patch, while technically correct, will lead to bugs in the future.

Your patch manipulates the process' *user* mask, which must never be
manipulated by a program.  The umask is a global process feature.

It will cause a rather glaring security hole if I ever decide to use
threads in Polipo.

The proper way to do what you need is to use open(O_CREAT) with the
right permissions (but obeying the umask), then pass the file
descriptor to fdopen.  Of course, the permissions should be
configurable by a config variable.

Any one of the above reasons is enough to ask you to revert this
patch.

Regards,

                                        Juliusz

Attachment: pgpkKQNTSbsgY.pgp
Description: PGP signature

--- End Message ---

--- Begin Message ---

• To: 481601-close@bugs.debian.org
• Subject: Bug#481601: fixed in polipo 1.0.4.1-1
• From: Erinn Clark <erinn@torproject.org>
• Date: Sat, 03 Apr 2010 18:43:44 +0000
• Message-id: <E1Ny8Js-0005WW-JK@ries.debian.org>

Source: polipo
Source-Version: 1.0.4.1-1

We believe that the bug you reported is fixed in the latest version of
polipo, which is due to be installed in the Debian FTP archive:

polipo_1.0.4.1-1.diff.gz
  to main/p/polipo/polipo_1.0.4.1-1.diff.gz
polipo_1.0.4.1-1.dsc
  to main/p/polipo/polipo_1.0.4.1-1.dsc
polipo_1.0.4.1-1_i386.deb
  to main/p/polipo/polipo_1.0.4.1-1_i386.deb
polipo_1.0.4.1.orig.tar.gz
  to main/p/polipo/polipo_1.0.4.1.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 481601@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Erinn Clark <erinn@torproject.org> (supplier of updated polipo package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 31 Mar 2010 19:26:20 -0700
Source: polipo
Binary: polipo
Architecture: source i386
Version: 1.0.4.1-1
Distribution: unstable
Urgency: low
Maintainer: Erinn Clark <erinn@torproject.org>
Changed-By: Erinn Clark <erinn@torproject.org>
Description: 
 polipo     - a small, caching web proxy
Closes: 481601 547047 574613
Changes: 
 polipo (1.0.4.1-1) unstable; urgency=low
 .
   * New maintainer.
   * New upstream release.
   * Update Standards-Version to 3.8.4.
   * Remove duplicate word in long description (closes: #574613)
   * Remove 30_log-permission patch. (closes: #481601)
   * Remove 40_segfault_max_age.dpatch. (closes: #547047)
   * Remove 50_integer_overflow.dpatch. Fixed upstream.
   * Remove 60_security_fixes.dpatch. Fixed upstream.
   * Put /var/cache/polipo and /var/log/polipo in the .deb and
     stop managing them in postinst and postrm.
   * Remove offline and online options from polipo-control.
Checksums-Sha1: 
 96410ff1e1d2bdb4b5fc8677023b6d62a4dfcca7 1325 polipo_1.0.4.1-1.dsc
 e755b585a9bba2b599a6bcc7c6f7035d3cb27bec 180121 polipo_1.0.4.1.orig.tar.gz
 199ad14d780ed116e3168735e32e196fa3b066d7 10405 polipo_1.0.4.1-1.diff.gz
 b072e617b44242997f22b246c0629a280e3f6415 191566 polipo_1.0.4.1-1_i386.deb
Checksums-Sha256: 
 32ec3a0f2a7e620895a17ec9a19734bcd7f84dab0fd8f1377f834cad35e6e1a9 1325 polipo_1.0.4.1-1.dsc
 8d6fbfdec600d42823e483b0143704c6f179c349803028a4d2cef056b79f7cfa 180121 polipo_1.0.4.1.orig.tar.gz
 22696b8b84264b0c2370435c830ffedcc35303f2c5daf2bd8ba1b8de9b05fd46 10405 polipo_1.0.4.1-1.diff.gz
 51dc36e54a1306958735c1b8ab4418995750b6285573b79e5026f8faa0f1aa86 191566 polipo_1.0.4.1-1_i386.deb
Files: 
 eba3d707a38ae6704914b76304c79bf1 1325 web optional polipo_1.0.4.1-1.dsc
 bfc5c85289519658280e093a270d6703 180121 web optional polipo_1.0.4.1.orig.tar.gz
 8e911db01b50aa682136843868a21b0d 10405 web optional polipo_1.0.4.1-1.diff.gz
 4791684b3f9ee66e92776ab00523b596 191566 web optional polipo_1.0.4.1-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJLtBK3AAoJEEFvBhBj/uZZ21wH/jCVjb6nUUxqyuykU04lkmYG
vso1eEneXOUA7ww+GG2EQrdsuxDikwJCFkBuccPPdziDBiCaSvbv9YuZ2bsvjM89
8EWkGuS08ihLE5EVMj8sEQPTnjSCkIKWbXG/D5+Uj5Eja3YPYMfiNjLIcQ1z1FI7
4/C7QL2v2NGPK8xe0c43Das9u3c+hG077fArLFbR9DSwfVQFqLnNpFe9nD0R50Fb
f3e1yY8psc1Yu5lUDuh0W+qj++B9Ib85UP0vqMkAKT+82j1icWiWx92QRYr85Kn2
Rm3nWNaENW9G2I4Jbl6Gm6jSjLv+bwcNx21uXlY8HQjqGTdOpNi6wWtwReiapuU=
=tE8e
-----END PGP SIGNATURE-----

--- End Message ---