ports/163059: Portbuild: Drop privileges for extract/patch/build phases
Chris Rees
crees at physics.org
Sun Dec 4 14:20:09 UTC 2011
>Number: 163059
>Category: ports
>Synopsis: Portbuild: Drop privileges for extract/patch/build phases
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Sun Dec 04 14:20:08 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator: Chris Rees
>Release: FreeBSD 8.2-STABLE i386
>Organization:
>Environment:
System: FreeBSD freefall.freebsd.org 8.2-STABLE FreeBSD 8.2-STABLE #5 r227907: Wed Nov 23 21:55:50 UTC 2011 simon at freefall.freebsd.org:/usr/obj/usr/src/sys/FREEFALL i386
>Description:
As discussed at [1] and with portmgr, here's a patch to portbuild to drop privileges for most stages except install.
It's hardcoded, but since the rest of the file is too I don't see any way to get around this :)
If I can get confirmation that this would be acceptable / perhaps even get a list of broken ports with it that'd be wonderful, (whenever!). I'm aware one portmgr was interested, although I think right now he's unable to commit much time.
[1] http://marcuscom.com/pipermail/tinderbox-list/2011-June/002161.html
>How-To-Repeat:
>Fix:
--- portbuild-su-patch.diff begins here ---
Index: buildscript
===================================================================
--- buildscript (revision 228258)
+++ buildscript (working copy)
@@ -193,6 +193,9 @@
echo "prefixes: LOCALBASE=${L}"
+ # Nobody isn't allowed to create WRKDIRPREFIX, so we do it for him
+ /usr/bin/install -d -o nobody -m755 /work
+
# Stash a copy of /etc/master.passwd and /etc/group to detect whether someone modifies it
cp /etc/master.passwd /etc/master.passwd-save
cp /etc/group /etc/group-save
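Review bot: The new comment names WRKDIRPREFIX, but the install line hardcodes /work and its exit status is not checked. If the two paths ever differ, or the directory cannot be created, the problem only shows up later as a permission failure in make extract. Consider taking the path from the same setting the build uses and failing early when the directory cannot be created.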
@@ -241,7 +244,8 @@
add_pkg ${ED}
cd $dir
- /pnohang ${BUILD_TIMEOUT} /tmp/make.log2 ${pkgname} make extract || cleanup 2
+ su -m nobody -c "/pnohang ${BUILD_TIMEOUT} /tmp/make.log2 ${pkgname} \
+ make extract" || cleanup 2
cat /tmp/make.log2
del_pkg ${ED}
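Review bot: In the su -c string for make extract, ${BUILD_TIMEOUT} and ${pkgname} are expanded by the calling shell inside double quotes and then parsed a second time by the shell that su starts. A value containing whitespace or shell metacharacters would be re-interpreted at that second parse. Quote the interpolated values inside the command string, or export them and reference them from a single-quoted command, since -m already preserves the environment.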
@@ -254,7 +258,8 @@
echo "====================<phase 3: make patch>===================="
add_pkg ${PD}
cd $dir
- /pnohang ${BUILD_TIMEOUT} /tmp/make.log3 ${pkgname} make patch || cleanup 3
+ su -m nobody -c "/pnohang ${BUILD_TIMEOUT} /tmp/make.log3 ${pkgname} \
+ make patch" || cleanup 3
cat /tmp/make.log3
del_pkg ${PD}
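Review bot: /tmp/make.log3 is now passed to a process running as nobody, while the cat /tmp/make.log3 that follows still runs as root. If pnohang creates that file, root ends up reading a fixed name in a world-writable directory that the unprivileged phase controls. Consider pre-creating the log as root in a directory only root can modify and granting nobody write access to that one file; the same applies to make.log2 and make.log4.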
@@ -295,7 +300,8 @@
fi
cd $dir
- /pnohang ${BUILD_TIMEOUT} /tmp/make.log4 ${pkgname} make build || cleanup 4
+ su -m nobody -c "/pnohang ${BUILD_TIMEOUT} /tmp/make.log4 ${pkgname} \
+ make build" || cleanup 4
cat /tmp/make.log4
echo "================================================================"
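Review bot: su -m on the make build line leaves the environment unmodified, so the build runs as nobody but with root's HOME and other variables. Ports that write under $HOME during build will fail on permissions or behave differently from a real unprivileged build. Set HOME explicitly inside the command string, for example to a directory under /work. The identical su wrapper now appears in the extract, patch and build hunks, so a small shell function taking the log file and make target would keep the three calls consistent.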
--- portbuild-su-patch.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted: