[Ltib] World writable dirs in ltib

[Svein Seldal]

Hi

(@Admin: Please ignore&delete my previous post, as it was sent from 
another account which isn't subscribing to this list.)

The LPP directory, among other directories in /opt/freescale/ltib, is
set world writable by the ltib script. This is by many considered a
security offense as everyone (even guest or any least-privileged users)
have write access to these directories.

I'm about to deploy ltib on a common shared build server, where world
writable dirs is not permissible. I could, of course, just alter the
permission on the dirs locally, but to add insult to injury ltib
actually checks that it is world writeable and refuses to continue
without it.

My recommendation is to take away those malicious chmod's from the
rpm-fs install script, and do away with the awful 777 check in ltib.
IMHO it is the sysop/user's responsibility to set permissions/ownerships
policy and enforce security, not the script.

I've attached a proposal to a fix. It removes the chmod 777 in
rpm-fs*.spec and rather uses the compiling user's name as owner for the
given directories. This will ensure that ltib --hostcf works seamlessly
  for single user machines.

For those of us on a multi user machine, the other part of the attached
patch (ltib) will now fail unless the (rw) permissions are set right,
but it won't try to fix it. Any awake sysops will of course catch this
failure and set the correct permissions manually.

PS! I'm not sure of which macros/variables that are available in the
%Files section of the spec-file. Thus my patch hardcodes the location
for ltib/pkgs. Please feel free to find another more correct method.


- Svein


diff -ru ltib.orig/dist/lfs-5.1/rpm/rpm-fs.spec 
ltib/dist/lfs-5.1/rpm/rpm-fs.spec
--- ltib.orig/dist/lfs-5.1/rpm/rpm-fs.spec      2008-12-05 17:32:15.000000000 
+0100
+++ ltib/dist/lfs-5.1/rpm/rpm-fs.spec   2009-07-06 15:07:41.000000000 +0200
@@ -95,13 +95,8 @@
 var="`echo %{_prefix} | sed -e s,/usr$,,`/var"
 etc="`echo %{_prefix} | sed -e s,/usr$,,`/etc"
 mkdir -p $RPM_BUILD_ROOT/%{base}/ltib/pkgs
-chmod 777 $RPM_BUILD_ROOT/%{base}/ltib/pkgs
 mkdir -p $RPM_BUILD_ROOT/$var/tmp
-chmod 777 $RPM_BUILD_ROOT/$var/tmp
-chmod 777 $RPM_BUILD_ROOT/%{_prefix}/src/rpm/*
-chmod 777 $RPM_BUILD_ROOT/%{_prefix}/src/rpm/RPMS/*
 mkdir -p $RPM_BUILD_ROOT/$etc/rpm
-chmod 777 $RPM_BUILD_ROOT/$etc/rpm
 
 # disable the perl dependency tracking, which is inappropriate for
 # cross use, and in any case optimistic
@@ -139,6 +134,9 @@
 
 %Files
 %defattr(-,root,root)
+%attr(-,-,-) %{base}/ltib/pkgs
+%attr(-,-,-) %{base}/ltib/var/tmp
+%attr(-,-,-) %{base}/ltib/usr/src/rpm
 %{base}/*
 
 
diff -ru ltib.orig/ltib ltib/ltib
--- ltib.orig/ltib      2009-07-05 01:36:09.000000000 +0200
+++ ltib/ltib   2009-07-06 18:07:23.000000000 +0200
@@ -2467,26 +2467,41 @@
     system_nb("mkdir -p $cf->{projtmp}") unless -e $cf->{projtmp};
 
     # we share the download cache area, all must be able to write there
+    my $user = getlogin();
     if(! -e $cf->{lpp} ) {
         system_nb("mkdir -p $cf->{lpp}") == 0 or die(<<TXT);
 
-Cannot create the download directory:
+Cannot create the lpp download directory:
  $cf->{lpp}
 
-Either change to a global directory you have write permissions to,
-or create it as root.  Please set the permissions to 777
+Either change lpp to a directory you ($user) have write permissions to,
+or change the permissions (give read/write/execute permissions).
 
 TXT
     }
-    my $lpp_mode = (stat("$cf->{lpp}"))[2];
-    unless( ($lpp_mode & 040777) == 040777 ) {
-        chmod(0777, $cf->{lpp}) == 1  or die <<TXT;
+    if(! -d $cf->{lpp} ) {
+       die <<TXT;
+
+The lpp download directory:
+ $cf->{lpp}
+exists but not as a directory. Please change lpp to another
+directory or remove this file.
+
+TXT
+    }
+    {
+        use filetest 'access';
+        unless( -w $cf->{lpp} && -r $cf->{lpp} ) {
+            die <<TXT;
 
 Build script aborting as the lpp directory is not configured properly.
-Directory: $cf->{lpp} must exist with read, write, and search
-permissions for owner, group, and world, i.e. drwxrwxrwx
+Directory:
+ $cf->{lpp} 
+must have read, write, and search permissions for the current
+user ($user). 
 
 TXT
+        }
     }
     if( -d "$cf->{top}/pkgs" ) {
         print "Updating lpp from local packages\n";