Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 22 Jun 1999 12:46:49 +0930 (CST)
From:      Kris Kennaway <kkennawa@physics.adelaide.edu.au>
To:        Peter Wemm <peter@netplex.com.au>
Cc:        "Brian F. Feldman" <green@unixhelp.org>, Jean-Marc Zucconi <jmz@freebsd.org>, hoek@freebsd.org, cvs-committers@freebsd.org, cvs-all@freebsd.org
Subject:   Re: cvs commit: src/sys/kern imgact_gzip.c 
Message-ID:  <Pine.OSF.4.10.9906221242200.4351-100000@bragg>
In-Reply-To: <19990622030346.622EA75@overcee.netplex.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Tue, 22 Jun 1999, Peter Wemm wrote:

> Ahh yes, I forgot that / was read-write for MFS boots.  However:
> 
> #!/bin/sh
> skip=18
> if /usr/bin/tail +$skip $0 | gzip -cd > /tmp/gztmp$$; then
>   chmod 700 /tmp/gztmp$$
>   prog="`echo $0 | sed 's|^.*/||'`"
>   if /bin/ln /tmp/gztmp$$ "/tmp/$prog" 2>/dev/null; then
>     trap '/bin/rm -f /tmp/gztmp$$ "/tmp/$prog"; exit $res' 0
>     (/bin/sleep 5; /bin/rm -f /tmp/gztmp$$ "/tmp/$prog") 2>/dev/null &
>     /tmp/"$prog" ${1+"$@"}; res=$?
>   else
>     trap '/bin/rm -f /tmp/gztmp$$; exit $res' 0
>     (/bin/sleep 5; /bin/rm -f /tmp/gztmp$$) 2>/dev/null &
>     /tmp/gztmp$$ ${1+"$@"}; res=$?
>   fi
> else
>   echo Cannot decompress $0; exit 1
> fi; exit $res

This is the unpatched (insecure) version of gzexe (all the /tmp/gztmp$$'s),
but it's functionally the same.

> Now, if tail, sh, gzip, chmod, ln, sleep, rm, etc are all in the gzexe'd
> crunched linked binary, how is it supposed to decompress itself?  "sh" itself
> is part of the crunched binary, so what is going to decode sh when sh itself
> is a shell script?

Yes, that seems to be a problem - gzexe depends on those executables. However
it shouldn't be too hard to recode this decompressor in C to perform the same
job without any external dependencies. The question is whether that would be
easier than fixing the kernel to handle gzipped ELF binaries transparently -
almost certainly it would be.

Kris

> Cheers,
> -Peter

-----
"Never criticize anybody until you have walked a mile in their shoes,
because by that time you will be a mile away and have their shoes."
    -- Unknown



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.OSF.4.10.9906221242200.4351-100000>