
Re: Security Problem !?!



No, I was not running patch as root.
I've done it a number of times now with the same result !

I have not changed anything with regard to patch....
I'll test again today, but I'm sure I'll get the same
results.

Matthew



On Sat, 18 Oct 1997, joost witteveen wrote:

> > 
> > I'm not sure if this is supposed to happen, but it sure
> > looks serious to me...
> > 
> > While patching some source code I noticed that all the files
> > that were patched were now group owned by root !?!
> > 
> > The command I used was:
> > patch -p1 < patch.diff
> > 
> > I've done this a few times to check, and each time it changes.
> > Is this supposed to happen ??
> 
> No, you're not supposed to run patch as root. Patch
> apparently creates a new file before starting to apply the changes
> to that particular file, and the creation happens as the UID that
> started patch. In your case, as you were root when you ran
> patch, this UID was 0 (root).
> 
> See transcript where you can see the original file hoi1 has inode
> 412018, but after patching, the inode changed to 32923. Thus patch
> has created that file anew:
> 
> 
> rulcmc:~/rommel$ echo hoi > hoi1
> rulcmc:~/rommel$ echo hoi1 > hoi2
> rulcmc:~/rommel$ ls -ali hoi1 hoi2
>  412018 -rw-r--r--   1 joost    users           4 Oct 18 12:07 hoi1
>  412019 -rw-r--r--   1 joost    users           5 Oct 18 12:07 hoi2
> rulcmc:~/rommel$ diff -u hoi1 hoi2|patch
> patching file `hoi1'
> rulcmc:~/rommel$ ls -ali hoi1 hoi2
>   32923 -rw-r--r--   1 joost    users           5 Oct 18 12:07 hoi1
>  412019 -rw-r--r--   1 joost    users           5 Oct 18 12:07 hoi2
> 
> I think it's quite normal that patch creates files owned by
> the user who starts patch, and indeed, I wouldn't want patch
> to mess around with the ownership of that file.
> 
> PS: if you really were running patch as non-root, you've discovered
>     a very, very, very, very enormously serious security bug.
>     But I'm sure you haven't
> -- 
> joost witteveen, joostje@debian.org
> #!/usr/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
> $/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
> lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
> #what's this? see http://www.dcs.ex.ac.uk/~aba/rsa/
> 
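
Joost's explanation above, that patch writes a fresh file and so the result carries the identity of whoever ran patch, can be checked the same way his `ls -ali` transcript does, by comparing the inode and owner before and after. The script below is an added example and is not code from this thread or from GNU patch: it models the two ways a tool can rewrite a file (truncate and rewrite through the existing inode, or write a new file and rename it over the old one) and reports which stat attributes changed. The file name `hoi1` and its contents are taken from the transcript; the helper names are this example's own.

```python
import os
import tempfile


def edit_in_place(path, old, new):
    """Rewrite the contents through the existing inode (open, truncate, write).
    Ownership and inode survive because no new file is ever created."""
    with open(path, "r+", encoding="utf-8") as f:
        data = f.read().replace(old, new)
        f.seek(0)
        f.truncate()
        f.write(data)


def edit_by_replace(path, old, new):
    """Write the edited contents to a new file and rename it over the original.
    This is the behaviour the thread attributes to patch: the result is a brand-new
    inode created by the calling process, so it is owned by the UID/GID that ran
    the edit rather than inheriting the original file's ownership."""
    with open(path, "r", encoding="utf-8") as f:
        data = f.read().replace(old, new)
    tmp = path + ".new"
    with open(tmp, "w", encoding="utf-8") as f:
        f.write(data)
    os.rename(tmp, path)


def snapshot(path):
    """The attributes ls -ali shows: inode number, owner, group, permission bits."""
    st = os.stat(path)
    return {
        "inode": st.st_ino,
        "uid": st.st_uid,
        "gid": st.st_gid,
        "mode": st.st_mode & 0o7777,
    }


def compare(before, after):
    """Map each attribute to True if the edit changed it."""
    return {key: before[key] != after[key] for key in before}


def demo(editor):
    """Create a scratch hoi1 (constructed input, as in the transcript), apply
    `editor`, and return (new contents, dict of changed attributes)."""
    scratch = tempfile.mkdtemp()
    path = os.path.join(scratch, "hoi1")
    with open(path, "w", encoding="utf-8") as f:
        f.write("hoi\n")
    before = snapshot(path)
    editor(path, "hoi", "hoi1")
    after = snapshot(path)
    with open(path, encoding="utf-8") as f:
        content = f.read()
    os.remove(path)
    os.rmdir(scratch)
    return content, compare(before, after)


if __name__ == "__main__":
    for editor in (edit_in_place, edit_by_replace):
        content, changed = demo(editor)
        print(f"{editor.__name__}: content={content!r} changed={changed}")
```

Run as one user, both editors leave uid and gid untouched and only the rename variant reports a changed inode; that is exactly the 412018 to 32923 jump in the transcript. Run the replace variant as root (or via a setuid helper) and the uid/gid entries flip as well, which is the symptom Matthew reported and the reason this check belongs in any review of a tool that rewrites files on someone else's behalf.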

