This repository has been archived by the owner. It is now read-only.

check noexec status of builddir #170

Closed
rmarquis opened this Issue May 15, 2013 · 1 comment

Comments

1 participant
Owner

rmarquis commented May 15, 2013

From the AUR comments:

DaveCode:

For security I disable exec permissions on /tmp. Some AUR packages need it. Once in a 
while pacaur snags on that permission issue.

It's easy to fix with /tmp remount if you can remember the problem. That's always my 
snag - remembering! Many times now, I've stared at a screen wondering why pacaur 
stopped. I would like pacaur to emit messages on the subject and/or check in advance if 
it can know a package needs exec (if possible). Thanks!

Myself:

DaveCode> Do you have an example of such PKGBUILD? Pacaur error handling might be improved here.

But I don't think it is possible to know in advance if a PKGBUILD needs exec easily 
('exec' is easy to detect, but './' has tons of false positive). Anyway, you should always 
have a look at the PKGBUILD before compiling, so you'll know if it needs it :)

[...]

DaveCode> The more I think about it, the more I believe that checking on an PKGBUILD 
basis is overkill. The user is entirely responsible for its system, so if the user explicitly 
change the exec permission it is he that should deal with it. A simple exec check on the 
build dir with a warning before the install would be sufficient. And even in that case, I'm not 
sure that it is pacaur's job to warn the user about his personal settings.

Another reason I'd be against any PKGBUILD 'scanning' is that I'd like to completely move 
to the JSON interface for better efficiency and security in the near future. This is currently 
not possible without losing accuracy in the dependency solver (the AUR has many 
difficulties to correctly parse the PKGBUILD), but this will likely be fixed with the 
pacman/makepkg 4.2 release.
  • According to the above, a PKGBUILD scanning won't be implemented
  • Check if a general noexec check on builddir (which default on /tmp which is a tmpfs by default) is worth it.

Have also a look at the last comment of this noexec thread. Does running a noexec tmpfs solve any security issue?

Owner

rmarquis commented May 21, 2013

I'm clearly don't see any advantage in implementing this, as the noexec trick is easily bypassed, not mentioning that this depends on the user personal config and that PKGBUILDs should be reviewed prior to install anyway.

Closing this issue, feel free to reopen if I missed something.

@rmarquis rmarquis closed this May 21, 2013

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.