Date: Wed, 16 Jan 2002 20:10:13 +0200 From: Ruslan Ermilov <ru@FreeBSD.ORG> To: Paul Richards <paul@freebsd-services.com>, Brian Somers <brian@freebsd-services.com> Cc: Murray Stokely <murray@FreeBSD.ORG>, freebsd-qa@FreeBSD.ORG Subject: Re: Changes to man(1) Message-ID: <20020116201013.M13904@sunbay.com> In-Reply-To: <200201161759.g0GHxwL81019@hak.lan.Awfulhak.org> <1011203704.2163.10.camel@lobster.originative.co.uk> References: <murray@FreeBSD.ORG> <20020115234038.GR6073@windriver.com> <200201161759.g0GHxwL81019@hak.lan.Awfulhak.org> <20020115234038.GR6073@windriver.com> <1011203704.2163.10.camel@lobster.originative.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Paul Richards and Brian Somers, after probably talking to each other, wrote simultaneously: On Wed, Jan 16, 2002 at 05:55:03PM +0000, Paul Richards wrote: > On Tue, 2002-01-15 at 23:40, Murray Stokely wrote: > > The release engineers would really like to see Ruslan's latest > > changes to man(1) in FreeBSD 4.5. This change closes a number of > > potential security holes that could allow privilege escalation. > > Please help us look over the recent commit to -CURRENT before we allow > > this to be MFCed. Here are the relevant commits from Ruslan : > > I don't think this should go into -stable. > > It's still a contentious issue in -current and is a significant change > to the historical behaviour of FreeBSD and therefore not something that > should be included in a point release. > > Unless I'm missing something, it's also not a major security whole, the > worst that can happen is that fake manpages can be created. That's > definately significant and I support the tightening in -current but it's > not a critical enough fix to warrant such a major change to a -stable > branch. > Having catpages is optional, and I wouldn't call it a major change, especially that good and secure alternatives for creating catpages were provided. On Wed, Jan 16, 2002 at 05:59:58PM +0000, Brian Somers wrote: [...] > I don't think this is -stable material (it changes system behaviour). > > I also think that putting something this size into the system at this > point in the release cycle should at least warrant another RC. > > I also don't like this new (well, old) mechanism. Instead, I think > man(1) should be fixed so that as soon as any of the default things > like macro packages and man directories are altered, it drops all > privileges. Is there a problem with doing it that way instead ? > Please see http://security-archive.merton.ox.ac.uk/security-audit-200010/0022.html for all other possible pitfalls. But yes, I agree this shouldn't go into -STABLE at this point, because I'm not sure we couldn't find a better solution. <PS> Still want to MFC -m option change. </PS> Cheers, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-qa" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020116201013.M13904>