On Sun, 2016-05-15 at 01:29 +0200, Martin Matuska wrote: > Ian, we are here talking about cpio, not libarchive. The flag in > libarchive is not active by default. > Yes. We use cpio for filesystem images, for historical reasons (such as cpio's ability to encode device major/minor node numbers and other stuff that doesn't really matter anymore, but the format is kinda cast in stone now). -- Ian > > On 14.05.2016 22:08, Ian Lepore wrote: > > On Sat, 2016-05-14 at 15:51 -0400, michael butler wrote: > > > From the looks of this, I think it's likely better to have the > > > default > > > be "secure" and ezjail-admin use the "--insecure" flag as an > > > explicit > > > override. That's the only place I've noticed the need for it > > > although > > > I've not done an extensive search for any other instances in > > > which it > > > might be required, > > > > > > imb > > > > > The real damage will happen to out-of-tree users. I think this > > will > > impact our software updater for $work for example, and it has to > > work > > with both old and new versions of libarchive, and now the new > > version > > will require a flag that the old version will reject as unknown. > > > > Ick. > > > > -- Ian > > > > > On 5/14/2016 3:46 PM, Tim Kientzle wrote: > > > > A little history about this issue: > > > > > > > > http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2304 > > > > > > > > > > > > > On May 14, 2016, at 12:17 PM, Tim Kientzle <tim_at_kientzle.com> > > > > > wrote: > > > > > > > > > > Many people consider the traditional behavior to be a > > > > > security > > > > > risk, which is why this was changed. > > > > > > > > > > FreeBSD is welcome to make --insecure the default on FreeBSD, > > > > > but > > > > > I'm reluctant to do that in the upstream libarchive project. > > > > > > > > > > Tim > > > > > > > > > > > > > > > > On May 12, 2016, at 8:54 AM, Martin Matuska <mm_at_freebsd.org > > > > > > > > > > > > > wrote: > > > > > > > > > > > > Looks like we have to remove line #174 from cpio/cpio.c: > > > > > > cpio->extract_flags |= > > > > > > ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS; > > > > > > > > > > > > This breaks traditional cpio behavior. > > > > > > > > > > > > Quoting Martin Matuska <mm_at_freebsd.org>: > > > > > > > > > > > > > Hi Michael, I have looked at the source and this is an > > > > > > > intended change in 3.2.0. > > > > > > > > > > > > > > An absolute path security check was added, cpio refuses > > > > > > > to > > > > > > > extract or copy over absolute paths. To do this anyway > > > > > > > the "- > > > > > > > -insecure" flag must be used. > > > > > > > > > > > > > > Here is the commit: > > > > > > > https://github.com/libarchive/libarchive/commit/593571577 > > > > > > > 06d4 > > > > > > > 7c365b2227739e17daba3607526 > > > > > > > > > > > > > > Quoting Michael Butler <imb_at_protected-networks.net>: > > > > > > > > > > > > > > > It seems that today's libarchive update breaks cpio's > > > > > > > > behaviour: > > > > > > > > > > > > > > > > sudo ezjail-admin update -i -s /usr/src > > > > > > > > > > > > > > > > [ .. ] > > > > > > > > > > > > > > > > cd /usr/src/etc/..; install -o root -g wheel -m 444 > > > > > > > > COPYRIGHT > > > > > > > > /usr/local/jails/fulljail/ > > > > > > > > install -o root -g wheel -m 444 > > > > > > > > /usr/src/etc/../sys/i386/conf/GENERIC.hints > > > > > > > > /usr/local/jails/fulljail/boot/device.hints > > > > > > > > /usr/local/jails/basejail/bincpio: bin: Path is > > > > > > > > absolute: > > > > > > > > Unknown error: -1 > > > > > > > > > > > > > > > > /usr/local/jails/basejail/bin/catcpio: bin/cat: Path is > > > > > > > > absolute: > > > > > > > > Unknown error: -1 > > > > > > > > > > > > > > > > /usr/local/jails/basejail/bin/chflagscpio: bin/chflags: > > > > > > > > Path is > > > > > > > > absolute: Unknown error: -1 > > > > > > > > > > > > > > > > /usr/local/jails/basejail/bin/chiocpio: bin/chio: Path > > > > > > > > is > > > > > > > > absolute: > > > > > > > > Unknown error: -1 > > > > > > > > > > > > > > > > /usr/local/jails/basejail/bin/chmodcpio: bin/chmod: > > > > > > > > Path is > > > > > > > > absolute: > > > > > > > > Unknown error: -1 > > > > > > > > > > > > > > > > /usr/local/jails/basejail/bin/cpcpio: bin/cp: Path is > > > > > > > > absolute: Unknown > > > > > > > > error: -1 > > > > > > > > > > > > > > > > /usr/local/jails/basejail/bin/datecpio: bin/date: Path > > > > > > > > is > > > > > > > > absolute: > > > > > > > > Unknown error: -1 > > > > > > > > > > > > > > > > /usr/local/jails/basejail/bin/ddcpio: bin/dd: Path is > > > > > > > > absolute: Unknown > > > > > > > > error: -1 > > > > > > > > > > > > > > > > /usr/local/jails/basejail/bin/dfcpio: bin/df: Path is > > > > > > > > absolute: Unknown > > > > > > > > error: -1 > > > > > > > > > > > > > > > > /usr/local/jails/basejail/bin/domainnamecpio: > > > > > > > > bin/domainname: Path is > > > > > > > > absolute: Unknown error: -1 > > > > > > > > [ .. etc. .. ] > > > > > > > > > > > > > > > > > > > > > Martin Matuska > > > > > > > FreeBSD committer > > > > > > > http://blog.vx.sk > > > > > > > > > > > > > > > > > > Martin Matuska > > > > > > FreeBSD committer > > > > > > http://blog.vx.sk > > > _______________________________________________ > > > freebsd-current_at_freebsd.org mailing list > > > https://lists.freebsd.org/mailman/listinfo/freebsd-current > > > To unsubscribe, send any mail to " > > > freebsd-current-unsubscribe_at_freebsd.org" > > _______________________________________________ > freebsd-current_at_freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to " > freebsd-current-unsubscribe_at_freebsd.org"Received on Sat May 14 2016 - 21:38:18 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:04 UTC