SlackBuilds package tool
slakmagik badc768e12 address security hole; overhaul tempfile handling
This revision corrects a security issue introduced in r762 and a trap
lost in r819. The basic idea is to revert the unsafe operator from r762
and then replace sbopkg's static SBOPKGTMP directory with a more secure,
volatile one created by mktemp and to use it and a new batch of traps to
simplify creation and cleanup of tmp dirs and files.

Tmp/trap/cleanup changes:

* /etc/sbopkg/sbopkg.conf.new: removed old SBOPKGTMP variable.
* config_check(): ditto. Also removed everything about unexpected files
  since the new SBOPKGTMP should take care of that.
* dir_init(): removed SBOPKGTMP variable and its use. Dumped the
  ALLOW_MULTI/mcookie part, since the new SBOPKGTMP should take care of
  that.
* script-wide: removed all calls to cleanup(), except for the new call
  from the traps.
* check_for_updates(): reverted the redirection operator.
* build_package(): now uses the volatile SBOPKGTMP directly if/when we
  CLEANUP, rather than a volatile subdir in a static SBOPKGTMP.
* cleanup(): changed all the specific deletions of the contents of the
  old SBOPKGTMP to a general deletion of the entire new SBOPKGTMP.
  Dumped the ALLOW_MULTI stuff since it can't be triggered now (rm -r of
  a mktemp vs. a rmdir of an mcookie).
* control_c(): made a comment more specific; made the function a lot
  quieter; removed the cleanup/exit parts now trapped.
* main: added traps; assigned to SBOPKGTMP internally with a mktemp
  invocation that respects TMPDIR and moved up all SBOPKGTMP variables
  that had to wait on sourcing the config file since they no longer have
  to wait for that.

Unrelated changes that I tripped over along the way:

* pid_check(): combine PIDFILE declaration and assignment and shorten
  comment.
* info_item(): changed use of filenames to use of variables.
* sync_repo(): made an error condition exit 1 rather than 0.
* get_source(): changed PIDLIST to SBOPKG_PIDLIST like it is elsewhere.
* pick_file(): establish a RETURN trap to clean out files which are now
  referred to by variables rather than semi-random deletions of files
  referred to by filenames.
* process_queue(): now moves the built package from the tmpdir before
  installing rather than after so people's PACKAGE LOCATION lines aren't
  screwed up in their package db.
* main: combined a command and exit status check into the one 'if'. Also
  changed some more filenames to vars and removed two that didn't need
  to be declared there. (They can be local to their functions since r831
  or so.)
2010-07-20 02:05:28 +00:00
src address security hole; overhaul tempfile handling 2010-07-20 02:05:28 +00:00
tools reversed ChangeLog handling and updated it 2010-06-14 04:47:10 +00:00
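
The pattern the commit message describes (a mktemp-created SBOPKGTMP that respects TMPDIR, with traps driving a single cleanup()), sketched as an added example. It is not sbopkg's code: make_tmpdir, run_job and build.log are assumed names, and GNU stat is assumed.

```shell
#!/bin/sh
# Added illustration, not sbopkg code. make_tmpdir, run_job and build.log
# are assumed names; SBOPKGTMP, TMPDIR and cleanup() come from the commit text.

# Create a private, unpredictable work dir under $TMPDIR (default /tmp).
# mktemp -d creates it atomically with mode 0700, so nothing another user
# pre-planted at a guessable path can be picked up.
make_tmpdir() {
    SBOPKGTMP=$(mktemp -d "${TMPDIR:-/tmp}/sbopkg.XXXXXX") || return 1
    # Sanity checks: a real directory (not a symlink), owned by us, mode 700.
    [ -d "$SBOPKGTMP" ] && [ ! -L "$SBOPKGTMP" ] && [ -O "$SBOPKGTMP" ] || return 1
    [ "$(stat -c %a "$SBOPKGTMP")" = 700 ] || return 1   # GNU stat assumed
}

# One cleanup path: delete the whole volatile directory, never a fixed path.
cleanup() {
    # Guard against an empty or stale variable before running rm -rf.
    [ -n "${SBOPKGTMP:-}" ] && [ -d "$SBOPKGTMP" ] && rm -rf -- "$SBOPKGTMP"
    return 0
}

# Run one job in a subshell. $1 is "ok" or "term" (simulate a kill mid-run).
# Prints the directory it used so the caller can confirm it was removed.
run_job() {
    (
        make_tmpdir || exit 1
        trap cleanup EXIT          # fires on every exit path
        trap 'exit 130' INT        # turn signals into a normal exit so the
        trap 'exit 143' TERM       # EXIT trap runs in every POSIX shell
        printf '%s\n' "$SBOPKGTMP"
        : > "$SBOPKGTMP/build.log" # scratch file lives only inside the dir
        if [ "$1" = term ]; then
            sh -c 'kill -TERM "$PPID"'   # child signals this subshell
        fi
        exit 0
    )
}

used=$(run_job ok)
[ -e "$used" ] || echo "removed on exit: $used"
```

Because the signal traps only call exit, cleanup() runs exactly once through the EXIT trap whether the job finishes or is interrupted.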