RPM Community Forums

Mailing List Message of <popt-devel>

Re: Fwd: Adding poptSecuritySaneFile to popt-1.15?

From: Ralf S. Engelschall <rse@rpm5.org>
Date: Fri 19 Dec 2008 - 17:11:37 CET
Message-ID: <20081219161137.GA8627@engelschall.com>

On Fri, Dec 19, 2008, Ralf S. Engelschall wrote:

> On Fri, Dec 19, 2008, Jeff Johnson wrote:
>
> > (resent, dunno where the 1st message went)
>
> I don't know, never seen on the list...
>
> > I kind of like the idea of using a '@' before a file path as an
> > "attention" marker to increase the file validation checks, and so I'm
> > likely to refactor the functionality out of rpm and into popt-1.15 as
> > part of simplifying rpm configuration/initialization.
> >
> > At the same time, I will probably add a new poptReadConfigFiles()
> > method whose argument will be a colon separated list of configuration
> > file paths to read.
> >
> > Any other opinions?
>
> As long as the particular security check (here rpmSecuritySaneFile
> for RPM_VENDOR_OPENPKG) embedded into POPT can be optionally still
> overridden from within RPM (in case one needs some additional checks or
> a different error message or whatever) I'm happy. Perhaps an optional
> callback does the trick.

BTW, under RPM_VENDOR_OPENPKG the "@" attention marker is not just used
for POPT files. It is also used for RPM macro files and Lua script
files! So please be careful that the "factoring out" does not turn into
a "partial removal" of the functionality.

For completeness, here is how OpenPKG 4 configures RPM 5:

| [...]
| #   determine POPT option, RPM macros and Lua script file paths
| RPMPOPT="%{l_prefix}/lib/openpkg/rpmpopt"
| RPMPOPT="$RPMPOPT:%{l_prefix}/etc/openpkg/rpmpopt"
| RPMPOPT="$RPMPOPT:%{l_prefix}/etc/openpkg/rpmpopt.d/*"
| RPMPOPT="$RPMPOPT:~/.openpkg/rpmpopt"
| RPMPOPT="$RPMPOPT:@../../.openpkg/rpmpopt"
| RPMPOPT="$RPMPOPT:@../.openpkg/rpmpopt"
| RPMPOPT="$RPMPOPT:@./.openpkg/rpmpopt"
| RPMMACROS="%{l_prefix}/lib/openpkg/rpmmacros"
| RPMMACROS="$RPMMACROS:%{l_prefix}/etc/openpkg/rpmmacros"
| RPMMACROS="$RPMMACROS:%{l_prefix}/etc/openpkg/rpmmacros.d/*"
| RPMMACROS="$RPMMACROS:~/.openpkg/rpmmacros"
| RPMMACROS="$RPMMACROS:@../../.openpkg/rpmmacros"
| RPMMACROS="$RPMMACROS:@../.openpkg/rpmmacros"
| RPMMACROS="$RPMMACROS:@./.openpkg/rpmmacros"
| RPMLUA="%{l_prefix}/lib/openpkg/rpmlua"
| RPMLUA="$RPMLUA:%{l_prefix}/etc/openpkg/rpmlua"
| RPMLUA="$RPMLUA:%{l_prefix}/etc/openpkg/rpmlua.d/*"
| RPMLUA="$RPMLUA:~/.openpkg/rpmlua"
| RPMLUA="$RPMLUA:@../../.openpkg/rpmlua"
| RPMLUA="$RPMLUA:@../.openpkg/rpmlua"
| RPMLUA="$RPMLUA:@./.openpkg/rpmlua"
|
| #   configure program
| ./configure \
|     --cache-file=./config.cache \
|     --prefix=%{l_prefix} \
|     --mandir="%{l_prefix}/man" \
|     --includedir="%{l_prefix}/include/openpkg" \
|     --with-name="OpenPKG RPM" \
|     --with-path-cfg="%{l_prefix}/etc/openpkg" \
|     --with-path-rpmpopt="$RPMPOPT" \
|     --with-path-macros="$RPMMACROS" \
|     --with-path-rpmlua="$RPMLUA" \
|     [...]

As you can see, the attention markers are used especially on all paths
relative to the current working directory. This allows OpenPKG to use a
very flexible file-system layout with RPM (based on some additional RPM
macro hacking) while at the same time not opening a security hole.

Yours,
                                       Ralf S. Engelschall
                                       rse@engelschall.com
                                       www.engelschall.com
Received on Fri Dec 19 17:12:55 2008
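
The following sketch is an added example, not part of the original message and not code from rpm or popt. It shows how a colon-separated path list can apply a stricter check to entries carrying the "@" marker; the function names and the concrete policy (regular file, owned by the invoking user, not writable by group or others) are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Assumed stricter policy for '@' entries (hypothetical, not rpm/popt code):
 * regular file, owned by the invoking user, not group/other writable. */
static int sane_file(const char *path)
{
    struct stat sb;

    if (stat(path, &sb) != 0)
        return 0;                   /* missing: nothing to read */
    if (!S_ISREG(sb.st_mode) || sb.st_uid != geteuid())
        return 0;                   /* not a plain file, or not ours */
    return (sb.st_mode & (S_IWGRP | S_IWOTH)) == 0;
}

/* A leading '@' requests the stricter check; other entries must only be
 * readable. */
static int entry_allowed(const char *entry)
{
    if (entry[0] == '@')
        return sane_file(entry + 1);
    return access(entry, R_OK) == 0;
}

/* Walk a colon-separated list; return the number of entries that may be
 * read, or -1 if the list is too long. No glob or '~' expansion here. */
static int count_allowed(const char *list)
{
    char buf[4096];
    int n = 0;

    if (strlen(list) >= sizeof(buf))
        return -1;
    strcpy(buf, list);
    for (char *p = strtok(buf, ":"); p != NULL; p = strtok(NULL, ":"))
        n += entry_allowed(p);
    return n;
}

int main(int argc, char **argv)
{
    if (argc > 1)
        printf("%d entries may be read\n", count_allowed(argv[1]));
    return 0;
}
```

A production check would open the file first and apply fstat() to the descriptor, so that the file that was checked is the file that gets read.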