public inbox for glibc-bugs@sourceware.org
* [Bug dynamic-link/16871] New: ldconfig -X should not touch symlinks
@ 2014-04-23 22:01 Martin.vGagern at gmx dot net
  2014-06-12 19:38 ` [Bug dynamic-link/16871] " fweimer at redhat dot com
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Martin.vGagern at gmx dot net @ 2014-04-23 22:01 UTC
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=16871

            Bug ID: 16871
           Summary: ldconfig -X should not touch symlinks
           Product: glibc
           Version: 2.19
            Status: NEW
          Severity: minor
          Priority: P2
         Component: dynamic-link
          Assignee: unassigned at sourceware dot org
          Reporter: Martin.vGagern at gmx dot net

Currently (and since commit 647eb037f from 2001), ldconfig will unlink any file
it considers a stale library symlink. It will do so even if the -X option is
given on the command line, and it will also do so no matter what error occurred
while executing stat64 on the real file name.

One problem with this is that people might reasonably expect unlink -X -N to
have no side effects except its output. This is how I found the issue: the
configure script of the xapian library calls “/sbin/ldconfig -N -X -v”, and
does so only to parse its output, with no modification intended.

Another problem is that the errno resulting from the stat64 call is not
checked. So any error accessing that file leads to removal of the symlink. In
particular, insufficient permissions are affected by this as well. So if a
group of admins were allowed to write /usr/lib and someone installed a symlink
there to a library which is group-readable but not world-readable, then an
admin not in that group might accidentally delete said symlink. With only root
accessing these directories, access should normally not be a problem, but I
guess the problem might reappear with e.g. nfs mapping root to non-root.

So on the whole, I suggest that you change the unlink condition to
if (errno == ENOENT && do_remove && strstr (direntry->d_name, ".so."))
or something like this.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
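
The gap between the behaviour reported in the message above and the condition it suggests, as an added example (not glibc code and not part of the thread). `stale_reported`, `stale_suggested` and `run_case` are hypothetical names; `do_remove` is taken from the suggested condition and assumed to be 0 when -X is given; the ELOOP error from a self-referencing link stands in for any non-ENOENT failure, such as the permission error the report describes.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Reported behaviour: every stat() failure on a ".so." link counts as stale. */
static int stale_reported(const char *link, const char *name)
{
    struct stat st;
    return stat(link, &st) != 0 && strstr(name, ".so.") != NULL;
}

/* Condition suggested in the report; do_remove is assumed to be 0 under -X. */
static int stale_suggested(const char *link, const char *name, int do_remove)
{
    struct stat st;
    return stat(link, &st) != 0 && errno == ENOENT && do_remove
           && strstr(name, ".so.") != NULL;
}

/* Run one policy over two constructed links; return a bitmask of kept links. */
int run_case(int suggested, int do_remove)
{
    char dir[] = "/tmp/ldcfg-demoXXXXXX", path[64];
    const char *name[2] = { "libgone.so.1", "libloop.so.1" };     /* bit 1, 2 */
    const char *target[2] = { "no-such-target", "libloop.so.1" }; /* ENOENT, ELOOP */
    int kept = 0;
    if (!mkdtemp(dir))
        return -1;
    for (int i = 0; i < 2; i++) {
        snprintf(path, sizeof path, "%s/%s", dir, name[i]);
        if (symlink(target[i], path) == 0
            && (suggested ? stale_suggested(path, name[i], do_remove)
                          : stale_reported(path, name[i])))
            unlink(path);            /* the side effect the report is about */
        if (unlink(path) == 0)
            kept |= 1 << i;          /* link survived; removed as cleanup */
    }
    rmdir(dir);
    return kept;
}

int main(void)
{
    printf("%d %d %d\n", run_case(0, 1), run_case(1, 1), run_case(1, 0));
    return 0;
}
```

The three values printed are the surviving-link bitmasks for the reported behaviour, the suggested condition with removal enabled, and the suggested condition with removal disabled.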

* [Bug dynamic-link/16871] ldconfig -X should not touch symlinks
  2014-04-23 22:01 [Bug dynamic-link/16871] New: ldconfig -X should not touch symlinks Martin.vGagern at gmx dot net
@ 2014-06-12 19:38 ` fweimer at redhat dot com
  2014-07-31  9:18 ` vapier at gentoo dot org
  2015-02-18 14:42 ` fweimer at redhat dot com
  2 siblings, 0 replies; 4+ messages in thread
From: fweimer at redhat dot com @ 2014-06-12 19:38 UTC
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=16871

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |fweimer at redhat dot com


* [Bug dynamic-link/16871] ldconfig -X should not touch symlinks
  2014-04-23 22:01 [Bug dynamic-link/16871] New: ldconfig -X should not touch symlinks Martin.vGagern at gmx dot net
  2014-06-12 19:38 ` [Bug dynamic-link/16871] " fweimer at redhat dot com
@ 2014-07-31  9:18 ` vapier at gentoo dot org
  2015-02-18 14:42 ` fweimer at redhat dot com
  2 siblings, 0 replies; 4+ messages in thread
From: vapier at gentoo dot org @ 2014-07-31  9:18 UTC
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=16871

Mike Frysinger <vapier at gentoo dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |vapier at gentoo dot org
           See Also|                            |https://bugs.gentoo.org/show_bug.cgi?id=508052


* [Bug dynamic-link/16871] ldconfig -X should not touch symlinks
  2014-04-23 22:01 [Bug dynamic-link/16871] New: ldconfig -X should not touch symlinks Martin.vGagern at gmx dot net
  2014-06-12 19:38 ` [Bug dynamic-link/16871] " fweimer at redhat dot com
  2014-07-31  9:18 ` vapier at gentoo dot org
@ 2015-02-18 14:42 ` fweimer at redhat dot com
  2 siblings, 0 replies; 4+ messages in thread
From: fweimer at redhat dot com @ 2015-02-18 14:42 UTC
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=16871

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|                            |security-

--- Comment #1 from Florian Weimer <fweimer at redhat dot com> ---
The incorrect deletion does not really cross a trust boundary, so no security
issue.

