
Re: Security Problem !?!



> 
> I'm not sure if this is supposed to happen, but it sure
> looks serious to me...
> 
> While patching some source code I noticed that all the files
> that were patched were now group owned by root !?!
> 
> The command I used was:
> patch -p1 < patch.diff
> 
> I've done this a few times to check, and each time it changes.
> Is this supposed to happen ??

No, you're not supposed to run patch as root. Patch
apparently creates a new file before starting to apply the changes
to that particular file, and the creation happens as the UID that
started patch. In your case, as you were root when you ran
patch, this UID was 0 (root).

See transcript where you can see the original file hoi1 has inode
412018, but after patching, the inode changed to 32923. Thus patch
has created that file anew:


rulcmc:~/rommel$ echo hoi > hoi1
rulcmc:~/rommel$ echo hoi1 > hoi2
rulcmc:~/rommel$ ls -ali hoi1 hoi2
 412018 -rw-r--r--   1 joost    users           4 Oct 18 12:07 hoi1
 412019 -rw-r--r--   1 joost    users           5 Oct 18 12:07 hoi2
rulcmc:~/rommel$ diff -u hoi1 hoi2|patch
patching file `hoi1'
rulcmc:~/rommel$ ls -ali hoi1 hoi2
  32923 -rw-r--r--   1 joost    users           5 Oct 18 12:07 hoi1
 412019 -rw-r--r--   1 joost    users           5 Oct 18 12:07 hoi2

I think it's quite normal that patch creates files owned by
the user who starts patch, and indeed, I wouldn't want patch
to mess around with the ownership of that file.

PS: if you really were running patch as non-root, you've discovered
    a very, very, very, very enormously serious security bug.
    But I'm sure you haven't
-- 
joost witteveen, joostje@debian.org
#!/usr/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
#what's this? see http://www.dcs.ex.ac.uk/~aba/rsa/
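The mechanism the reply describes (a file recreated as the calling UID, visible as a changed inode) can be checked before and after any patching step. The following is an added example, not code from the thread or from patch itself; it models patch's behaviour with a hypothetical "write a new file, then rename it over the original" helper and contrasts it with an in-place rewrite, which keeps the inode and therefore the owner and group.

```python
import os
import stat
import tempfile


def snapshot(path):
    """Record the stat fields that reveal whether a file was recreated."""
    st = os.stat(path)
    return {"ino": st.st_ino, "uid": st.st_uid, "gid": st.st_gid,
            "mode": stat.S_IMODE(st.st_mode)}


def edit_in_place(path, new_text):
    """Rewrite the existing inode: owner, group and inode number are untouched."""
    with open(path, "w") as f:
        f.write(new_text)


def edit_by_replacement(path, new_text):
    """Hypothetical model of what the reply describes for patch: a fresh file is
    created (so it gets the creating process's uid/gid) and renamed over the
    original. The original inode disappears; run as root, uid/gid would become 0."""
    tmp = path + ".new"
    with open(tmp, "w") as f:
        f.write(new_text)
    os.rename(tmp, path)


def compare(before, after):
    """Return the fields that changed; a changed 'ino' means the file was recreated."""
    return {k: (before[k], after[k]) for k in before if before[k] != after[k]}


def owner_drift(before, after):
    """True if ownership changed, i.e. the file was recreated by a different uid/gid."""
    return before["uid"] != after["uid"] or before["gid"] != after["gid"]


def demo():
    """Constructed scenario mirroring the hoi1 transcript, in a scratch directory."""
    with tempfile.TemporaryDirectory() as d:
        p = os.path.join(d, "hoi1")
        with open(p, "w") as f:
            f.write("hoi\n")
        before = snapshot(p)
        edit_in_place(p, "hoi1\n")
        inplace_diff = compare(before, snapshot(p))
        edit_by_replacement(p, "hoi2\n")
        after = snapshot(p)
        return inplace_diff, compare(before, after), owner_drift(before, after)
```

Running the same comparison around a real `patch` invocation shows the inode change from the transcript; when the patching user differs from the file owner, `owner_drift` reports it.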

