pkgsrc-Bugs archive


pkg/39449: lang/pear uses /tmp (probably unsafely) during build



>Number:         39449
>Category:       pkg
>Synopsis:       lang/pear uses /tmp (probably unsafely) during build
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Sep 02 02:45:00 +0000 2008
>Originator:     David Sainty
>Release:        
>Organization:
>Environment:
Linux 2.6.24-19-generic #1 SMP Fri Jul 11 23:41:49 UTC 2008 i686 GNU/Linux

>Description:
Building lang/pear leads to the creation of /tmp/test, /tmp/pear and 
/tmp/download.

If the package is built with unprivileged users and old files of the same names 
are present, then the package build doesn't progress correctly.

Unfortunately the package installation still completes, but most of the files 
in PLIST aren't there.

An installation with "ln -s myfile /tmp/test" in place suggests that this is a 
security hole at package installation time - it does create or overwrite 
"/tmp/myfile".  I haven't tested overwriting arbitrary files with a root 
installation of pear, but I suspect I already know what it will do :)

>How-To-Repeat:

>Fix:
Get it to use a directory under "work" instead of "/tmp".
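
Added example, not part of the original report and not pkgsrc or PEAR code: a pre-build audit of the three fixed /tmp names listed in the Description, plus creation of a private scratch directory under the work directory as the Fix proposes. The function names and the scratch.XXXXXX template are assumptions, and the demo runs in a throwaway sandbox standing in for /tmp.

```shell
#!/bin/sh
# Added example (not pkgsrc or PEAR code). Function names are hypothetical.

# audit_scratch BASE NAME...
# Prints "<status> <path>" per name; returns 1 if any name already exists.
#   absent  - nothing there, safe to create
#   symlink - writes would follow the link to another location
#   foreign - exists and is owned by a different uid
#   stale   - exists and is ours, left over from an earlier build
audit_scratch() {
    base=$1; shift
    me=$(id -u)
    rc=0
    for name in "$@"; do
        p="$base/$name"
        if [ -L "$p" ]; then            # test the link itself; -e misses dangling links
            echo "symlink $p"; rc=1
        elif [ -e "$p" ]; then
            owner=$(ls -ldn "$p" | awk '{print $3}')
            if [ "$owner" = "$me" ]; then echo "stale $p"; else echo "foreign $p"; fi
            rc=1
        else
            echo "absent $p"
        fi
    done
    return "$rc"
}

# make_private_scratch WORKDIR
# Creates an unpredictable, owner-only directory under the build's work
# directory and prints its path. mktemp -d never reuses an existing name.
make_private_scratch() {
    mkdir -p "$1" || return 1
    d=$(umask 077; mktemp -d "$1/scratch.XXXXXX") || return 1
    echo "$d"
}

# Constructed demo: a sandbox directory plays the role of /tmp.
demo() {
    sandbox=$(mktemp -d) || return 1
    mkdir "$sandbox/pear"               # leftover from an earlier build
    ln -s myfile "$sandbox/test"        # pre-existing link, as in the report
    audit_scratch "$sandbox" test pear download || echo "refusing to build"
    make_private_scratch "$sandbox/work"
    rm -rf "$sandbox"
}
demo
```

Against a real system the audit would be called as audit_scratch /tmp test pear download before the build starts.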


