From mboxrd@z Thu Jan 1 00:00:00 1970 Date: Thu, 4 Dec 2014 00:49:18 +0100 From: =?utf-8?B?U3TDqXBoYW5l?= Aulery To: rsc@swtch.com, anselm@garbe.us, 9trouble@plan9.bell-labs.com, 9fans@9fans.net Subject: Debian bug 737206 - rc shell uses insecurely /tmp Message-ID: <20141203234918.GA27533@free.fr> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="FCuugMFkClbJLl1L" Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.5.23 (2014-03-12) Topicbox-Message-UUID: 32da814e-ead9-11e9-9d60-3106f5b1d025 --FCuugMFkClbJLl1L Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit Hello, I make you pass an open bug report on the Debian bts about rc. I do not know to whom I should speak. The code comes from 9base, who just plan9port, etc. Here is the report [1]: Package: 9base Version: 1:6-6 Severity: important Tags: security Murray McAllister from Red Hat Security Response Team discovered that rc creates temporary files in an insecure way: $ strace -o '| grep /tmp' ./test-heredoc open("/tmp/here217f.0000", O_WRONLY|O_CREAT|O_TRUNC|O_LARGEFILE, 0666) = 5 open("/tmp/here217f.0000", O_RDONLY|O_LARGEFILE) = 5 moo unlink("/tmp/here217f.0000") = 0 As you can see, the filenames are easily predictable, and the O_EXCL flag is missing. [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737206 Regards, -- Stéphane Aulery --FCuugMFkClbJLl1L Content-Type: text/plain; charset=utf-8 Content-Disposition: attachment; filename=test-heredoc #!/usr/lib/plan9/bin/rc cat << EOF moo EOF --FCuugMFkClbJLl1L-- From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: <20141203234918.GA27533@free.fr> References: <20141203234918.GA27533@free.fr> Date: Fri, 5 Dec 2014 02:33:20 +0000 Message-ID: Subject: Re: [9fans] Debian bug 737206 - rc shell uses insecurely /tmp From: Charles Forsyth To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Cc: Russ Cox , anselm@garbe.us, 9trouble@plan9.bell-labs.com Content-Type: multipart/alternative; boundary=089e013a14087467e605096ee656 Topicbox-Message-UUID: 339da430-ead9-11e9-9d60-3106f5b1d025 --089e013a14087467e605096ee656 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Wed, Dec 3, 2014 at 11:49 PM, St=C3=A9phane Aulery wro= te: > discovered that rc > creates temporary files in an insecure way: > rc was built for a system that made /tmp secure by not sharing it (it's always private to a user and even sometimes to a set of processes). That way not every app has to try to help sustain the pretence that a shared /tmp can really be secured (+s bits, EXCL create, etc..) Obviously the version for Unix will have to change its generation scheme to fit in. --089e013a14087467e605096ee656 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

= On Wed, Dec 3, 2014 at 11:49 PM, St=C3=A9phane Aulery <= ;saulery@free.fr&g= t; wrote:
discovered that rc
=C2=A0 =C2=A0creates temporary files in an insecure way:
=

rc was built for a system that made /tmp secure by not sharing it= (it's always private to a user and even sometimes to a set of processe= s).
That way not every app has to try to he= lp sustain the pretence that a shared /tmp can really be secured (+s bits, = EXCL create, etc..)
Obviously the version f= or Unix will have to change its generation scheme to fit in.
--089e013a14087467e605096ee656-- From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: References: <20141203234918.GA27533@free.fr> Date: Fri, 5 Dec 2014 14:08:11 +1100 Message-ID: From: Bruce Ellis To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Content-Type: multipart/alternative; boundary=001a11c25cd015e52805096f63e3 Subject: Re: [9fans] Debian bug 737206 - rc shell uses insecurely /tmp Topicbox-Message-UUID: 33b57966-ead9-11e9-9d60-3106f5b1d025 --001a11c25cd015e52805096f63e3 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Don't these people have better things to do than finding non-bugs in systems they don't understand? brucee On 5 December 2014 at 13:33, Charles Forsyth wrote: > > On Wed, Dec 3, 2014 at 11:49 PM, St=C3=A9phane Aulery w= rote: > >> discovered that rc >> creates temporary files in an insecure way: >> > > rc was built for a system that made /tmp secure by not sharing it (it's > always private to a user and even sometimes to a set of processes). > That way not every app has to try to help sustain the pretence that a > shared /tmp can really be secured (+s bits, EXCL create, etc..) > Obviously the version for Unix will have to change its generation scheme > to fit in. > --001a11c25cd015e52805096f63e3 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Don't these people have better things to do than findi= ng non-bugs in systems they don't understand?

brucee=

On 5 = December 2014 at 13:33, Charles Forsyth <charles.forsyth@gmail.com= > wrote:
<= div class=3D"gmail_extra">
O= n Wed, Dec 3, 2014 at 11:49 PM, St=C3=A9phane Aulery <= saulery@free.fr>= ; wrote:
discovered that rc
=C2=A0 =C2=A0creates temporary files in an insecure way:
=

rc was built for a system that made /tmp secure by not sha= ring it (it's always private to a user and even sometimes to a set of p= rocesses).
That way not every app has to tr= y to help sustain the pretence that a shared /tmp can really be secured (+s= bits, EXCL create, etc..)
Obviously the ve= rsion for Unix will have to change its generation scheme to fit in.

--001a11c25cd015e52805096f63e3-- From mboxrd@z Thu Jan 1 00:00:00 1970 From: Skip Tavakkolian Content-Type: multipart/alternative; boundary=Apple-Mail-3D0ABF21-C73A-490B-BE65-4B1F3E1AE722 Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (1.0) Message-Id: Date: Thu, 4 Dec 2014 19:20:53 -0800 References: <20141203234918.GA27533@free.fr> In-Reply-To: To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Subject: Re: [9fans] Debian bug 737206 - rc shell uses insecurely /tmp Topicbox-Message-UUID: 33b9d1a0-ead9-11e9-9d60-3106f5b1d025 --Apple-Mail-3D0ABF21-C73A-490B-BE65-4B1F3E1AE722 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable +1 =F0=9F=98=84 > On Dec 4, 2014, at 7:08 PM, Bruce Ellis wrote: >=20 > Don't these people have better things to do than finding non-bugs in syste= ms they don't understand? >=20 > brucee >=20 >> On 5 December 2014 at 13:33, Charles Forsyth w= rote: >>=20 >>> On Wed, Dec 3, 2014 at 11:49 PM, St=C3=A9phane Aulery w= rote: >>> discovered that rc >>> creates temporary files in an insecure way: >>=20 >> rc was built for a system that made /tmp secure by not sharing it (it's a= lways private to a user and even sometimes to a set of processes). >> That way not every app has to try to help sustain the pretence that a sha= red /tmp can really be secured (+s bits, EXCL create, etc..) >> Obviously the version for Unix will have to change its generation scheme t= o fit in. >=20 --Apple-Mail-3D0ABF21-C73A-490B-BE65-4B1F3E1AE722 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable
+1 =F0=9F=98=84


= On Dec 4, 2014, at 7:08 PM, Bruce Ellis <bruce.ellis@gmail.com> wrote:

Don't these people have better things to do tha= n finding non-bugs in systems they don't understand?

bruc= ee

On 5= December 2014 at 13:33, Charles Forsyth <charles.forsyth@gmail.com<= /a>> wrote:

On We= d, Dec 3, 2014 at 11:49 PM, St=C3=A9phane Aulery <saulery@free.fr> wrote:
d= iscovered that rc
   creates temporary files in an insecure way:
<= /div>
rc was built for a system that made /tmp secure by not shari= ng it (it's always private to a user and even sometimes to a set of processe= s).
That way not every app has to try to hel= p sustain the pretence that a shared /tmp can really be secured (+s bits, EX= CL create, etc..)
Obviously the version for U= nix will have to change its generation scheme to fit in.

= --Apple-Mail-3D0ABF21-C73A-490B-BE65-4B1F3E1AE722-- From mboxrd@z Thu Jan 1 00:00:00 1970 Date: Thu, 4 Dec 2014 22:38:37 -0500 From: sl@9front.org To: 9fans@9fans.net Message-ID: <7ea1b08f5d3a803dcc46da5e6f697595@xx230.inri> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Subject: Re: [9fans] Debian bug 737206 - rc shell uses insecurely /tmp Topicbox-Message-UUID: 33be62d8-ead9-11e9-9d60-3106f5b1d025 Aren't they talking about rc when running on their operating system? sl From mboxrd@z Thu Jan 1 00:00:00 1970 Date: Fri, 5 Dec 2014 04:14:07 +0000 Message-ID: <20141205041407.Horde.stL5yX_qWE2oFaDyiX9UDw1@ssl.eumx.net> From: Kurt H Maier To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> References: <20141203234918.GA27533@free.fr> In-Reply-To: User-Agent: Internet Messaging Program (IMP) H5 (6.2.2) Content-Type: text/plain; charset=UTF-8; format=flowed; DelSp=Yes MIME-Version: 1.0 Content-Disposition: inline Subject: Re: [9fans] Debian bug 737206 - rc shell uses insecurely /tmp Topicbox-Message-UUID: 33c4eeaa-ead9-11e9-9d60-3106f5b1d025 Quoting Bruce Ellis : > Don't these people have better things to do than finding non-bugs in > systems they don't understand? > > brucee This bug is being reported against 9base, which is a port of stuff to unix similar to (and based on) plan9port. He is reporting it to 9fans and 9trouble because Debian people are not very good at doing things correctly. Fortunately he seems to accidentally have sent his message to some folks who might care in addition to the ones who don't. khm From mboxrd@z Thu Jan 1 00:00:00 1970 From: "David L. Craig" Date: Fri, 5 Dec 2014 04:50:17 -0500 To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Message-ID: <20141205095017.GA31035@dlc-dt> References: <7ea1b08f5d3a803dcc46da5e6f697595@xx230.inri> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="5vNYLRcllDrimb99" Content-Disposition: inline In-Reply-To: <7ea1b08f5d3a803dcc46da5e6f697595@xx230.inri> User-Agent: Mutt/1.5.23 (2014-03-12) Subject: Re: [9fans] Debian bug 737206 - rc shell uses insecurely /tmp Topicbox-Message-UUID: 33d929c4-ead9-11e9-9d60-3106f5b1d025 --5vNYLRcllDrimb99 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 14Dec04:2238-0500, sl@9front.org wrote: > Aren't they talking about rc when running on their operating system? Certainly. It serves as a textbook example of inadequate software porting due to insufficient understanding of the differences between the source and target environments. Once the defect in the port is revealed, it serves as a textbook example of inadequate ported software support that has to inquire of the source maintainers if the misbehavior in the ported environment is also present in the source environment (I am reluctant to suggest they believed the responsibility of remediation lies with the source maintainers). Once again: Plan 9 is not UNIX-- porters in either direction, beware. --=20 May the LORD God bless you exceedingly abundantly! Dave_Craig______________________________________________ "So the universe is not quite as you thought it was. You'd better rearrange your beliefs, then. Because you certainly can't rearrange the universe." __--from_Nightfall_by_Asimov/Silverberg_________________ --5vNYLRcllDrimb99 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUgX/ZAAoJEGT26xQl8nA7LrAQAIFX/J2VxRJL17AsmE+p6VA3 y32e/9MNFwdKtorI2TWu2/Tfe7NOjmrKMpGNqRo0tAg/dnu1DBW6Gs7YfsYuioPA 5VBve2OPiOvjtvKcljQN9zPy9le8AdTSJ3a2f9iDTpROzBotH7GOJZZBOQp5+rgc T24ZnnDztsw8W9ahSmahETWweiH8z+KtZ587vke2nxnJ6vdA1CW8Uf/BIE5JAHcN ECiXORXUXItaTGbYXS6B7vVCtV4EzM7a5ZN1BMyGKOjc/VBzif2VqN5kxo2T46rw y4pin3n4kueEL22nUQGao+sWTat1xmvSd4k/VQ5fDjMoHImboPW9GjCR2x/xn+qy ars+JZ2hL834WCJ7/tLZi04HhDODjm93Qr3pDtXbvZYtLhuwkF1QEl6DlCoRXO98 ZtAcjwJoIuxkc7BZqHmApl5CPRjwuKYkegbvkT99+1G8wbP25F4NkRwGwqNZVYgc yFIiw/hvyxTPUfSiI5IXsYtqGqyKbdXaOndxtx/4g+F3COXKmhRJkYi+jJq6Blgp 8A0xC5ij9m5m7qkJm6U7YQleHeJH6nVsJBi1fmJg0g4lsorJIc1GUgC13vbfm1Ko MW6Dx6/h3YzRLlV1HjoPawAYIdl7TrnNsbs2S2aHyKe8IkezgzOXNQ2yd8pGVNGQ v0Z1qykkZKO8dFmiYS1L =MzzP -----END PGP SIGNATURE----- --5vNYLRcllDrimb99-- From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: <20141205095017.GA31035@dlc-dt> References: <7ea1b08f5d3a803dcc46da5e6f697595@xx230.inri> <20141205095017.GA31035@dlc-dt> Date: Sat, 6 Dec 2014 00:08:09 +0000 Message-ID: From: Charles Forsyth To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Content-Type: multipart/alternative; boundary=089e016348420a5704050980fdd3 Subject: Re: [9fans] Debian bug 737206 - rc shell uses insecurely /tmp Topicbox-Message-UUID: 343864de-ead9-11e9-9d60-3106f5b1d025 --089e016348420a5704050980fdd3 Content-Type: text/plain; charset=UTF-8 > Aren't they talking about rc when running on their operating system? I'd still fix /tmp, myself. It does nothing but fester. Even the PDP-11 it was a nuisance. 40 years on, you'd think someone would deal with it. --089e016348420a5704050980fdd3 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

=
> Aren't they talking about rc wh= en running on their operating system?

I'd still f= ix /tmp, myself. It does nothing but fester. Even the PDP-11 it was a nuisa= nce.
40 years on, you'd think someone w= ould deal with it.
--089e016348420a5704050980fdd3-- From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: <20141205041407.Horde.stL5yX_qWE2oFaDyiX9UDw1@ssl.eumx.net> References: <20141203234918.GA27533@free.fr> <20141205041407.Horde.stL5yX_qWE2oFaDyiX9UDw1@ssl.eumx.net> Date: Sat, 6 Dec 2014 12:58:32 +1100 Message-ID: From: Bruce Ellis To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Content-Type: multipart/alternative; boundary=001a11c2b9e0ce65c0050982873a Subject: Re: [9fans] Debian bug 737206 - rc shell uses insecurely /tmp Topicbox-Message-UUID: 344135be-ead9-11e9-9d60-3106f5b1d025 --001a11c2b9e0ce65c0050982873a Content-Type: text/plain; charset=UTF-8 Well I hope he has fun fixing a sandwich. Your words ... "because Debian people are not very good at doing things correctly". On 5 December 2014 at 15:14, Kurt H Maier wrote: > Quoting Bruce Ellis : > > Don't these people have better things to do than finding non-bugs in >> systems they don't understand? >> >> brucee >> > > This bug is being reported against 9base, which is a port of stuff > to unix similar to (and based on) plan9port. > > He is reporting it to 9fans and 9trouble because Debian people are > not very good at doing things correctly. Fortunately he seems to > accidentally have sent his message to some folks who might care in > addition to the ones who don't. > > khm > > > --001a11c2b9e0ce65c0050982873a Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Well I hope he has fun fixing a sandwich. Your words =C2= =A0... "because Debian people are not very good at doing things correc= tly".

O= n 5 December 2014 at 15:14, Kurt H Maier <khm@sciops.net> wrote= :
Quoting Bruce Ellis &l= t;bruce.ellis@gm= ail.com>:

Don't these people have better things to do than finding non-bugs in systems they don't understand?

brucee

 This bug is being reported against 9base, which is a port of stuff
to unix similar to (and based on) plan9port.

He is reporting it to 9fans and 9trouble because Debian people are
not very good at doing things correctly.=C2=A0 =C2=A0Fortunately he seems t= o
accidentally have sent his message to some folks who might care in
addition to the ones who don't.

khm



--001a11c2b9e0ce65c0050982873a-- From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <808ad70d8182ed0f98a57281445d60f3@proxima.alt.za> To: 9fans@9fans.net Date: Sat, 6 Dec 2014 07:22:08 +0200 From: lucio@proxima.alt.za In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Subject: Re: [9fans] Debian bug 737206 - rc shell uses insecurely /tmp Topicbox-Message-UUID: 34678a02-ead9-11e9-9d60-3106f5b1d025 > I'd still fix /tmp, myself. It does nothing but fester. Even the PDP-11 it > was a nuisance. > 40 years on, you'd think someone would deal with it. Are you being intentionally ambiguous, Charles? /tmp/ in Unix (my guess) or /tmp/ in Plan 9 (quantum forbid!) as Unix aficionados may choose to interpret your comment? You need personal namespaces for the former and, I have no doubt, too much is at stake for those to be much of an option right now - mobile phones notwithstanding (cf. Ubuntu Phone). Lucio. ------------------------------------------------------------------------------------- This email has been scanned by the MxScan Email Security System. ------------------------------------------------------------------------------------- From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: <808ad70d8182ed0f98a57281445d60f3@proxima.alt.za> References: <808ad70d8182ed0f98a57281445d60f3@proxima.alt.za> Date: Sat, 6 Dec 2014 18:29:52 +0000 Message-ID: From: Charles Forsyth To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Content-Type: multipart/alternative; boundary=001a113a6f741b7857050990614f Subject: Re: [9fans] Debian bug 737206 - rc shell uses insecurely /tmp Topicbox-Message-UUID: 352e13f2-ead9-11e9-9d60-3106f5b1d025 --001a113a6f741b7857050990614f Content-Type: text/plain; charset=UTF-8 On Sat, Dec 6, 2014 at 5:22 AM, wrote: > 40 years on, you'd think someone would deal with it. The point I was trying to make is that it was realised early on (eg, when time-sharing at universities) that a shared /tmp was a problem. Hacks such as +s or special schemes for allocating files don't really address the problem. Now look at that number: 40. Four decades. During that time there has been any amount of foolish crud added to this or that kernel, distribution ,graphics subsystem, standards, ... but instead of fixing it after 4 0 years, we get notes explaining that it's the application's business, in this case the shell, or perhaps the underlying library, to try to address "security issues" instead of fixing it, once for all. After 40 years (more than a generation). --001a113a6f741b7857050990614f Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

= On Sat, Dec 6, 2014 at 5:22 AM, <lucio@proxima.alt.za> w= rote:
40 years on, you'd think someon= e would deal with it.

The point I was trying to make = is that it was realised early on (eg, when time-sharing at universities)
that a shared /tmp was a problem. Hacks such = as +s or special schemes for allocating files don't really
address the problem.
Now look at that number: 40. Four decade= s. During that time there has been any amount of foolish
crud added to this or that kernel, distribution ,graphics sub= system, standards, ... but instead of fixing
it after 4 0 years, we get notes explaining that it's the application= 's business, in this case the shell,
or= perhaps the underlying library, to try to address "security issues&qu= ot; instead of fixing it, once for all.
After 40 years (more than a generation).
--001a113a6f741b7857050990614f-- From mboxrd@z Thu Jan 1 00:00:00 1970 From: erik quanstrom Date: Sat, 6 Dec 2014 10:41:52 -0800 To: 9fans@9fans.net Message-ID: In-Reply-To: References: <808ad70d8182ed0f98a57281445d60f3@proxima.alt.za> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Subject: Re: [9fans] Debian bug 737206 - rc shell uses insecurely /tmp Topicbox-Message-UUID: 353dd83c-ead9-11e9-9d60-3106f5b1d025 > Now look at that number: 40. Four decades. During that time there > has been any amount of foolish crud added to this or that kernel, > distribution ,graphics subsystem, standards, ... but instead of > fixing it after 4 0 years, we get notes explaining that it's the > application's business, in this case the shell, or perhaps the > underlying library, to try to address "security issues" instead of > fixing it, once for all. After 40 years (more than a generation). +1. this is really an important point. think of all the mega person years you could save by doing the simple, systemic things to make the job of maintaining system easier. - erik From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <54836D78.4060809@ReliableID.com> Date: Sat, 6 Dec 2014 15:56:24 -0500 From: Wes Kussmaul User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0 MIME-Version: 1.0 To: 9fans@9fans.net References: <808ad70d8182ed0f98a57281445d60f3@proxima.alt.za> In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: quoted-printable Subject: Re: [9fans] Debian bug 737206 - rc shell uses insecurely /tmp Topicbox-Message-UUID: 355f38ba-ead9-11e9-9d60-3106f5b1d025 On 12/06/2014 01:41 PM, erik quanstrom wrote: >> instead of >> fixing it, once for all. After 40 years (more than a generation). > +1. this is really an important point. think of all the mega person > years you could save by doing the simple, systemic things to make > the job of maintaining system easier. Think of all the mega person years in... picking one example... the=20 managed security services industry. Mega *billable* person years... Folks, as long as those who care about the integrity of the world's=20 information infrastructure work at the direction of those who do not,=20 nothing will get fixed. --=20 Wes Kussmaul The Authenticity Institute 738 Main Street Waltham, MA 02451 office +1 781 790 1674 mobile +1 781 330 1881 =93Try this fruit, and by the way if a bunch of people collectively calli= ng themselves Arthur Andersen signs something it=92s the same as if a per= son named Arthur Andersen signed it.=94 - The Serpent From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: References: <808ad70d8182ed0f98a57281445d60f3@proxima.alt.za> Date: Sun, 7 Dec 2014 13:37:11 +1100 Message-ID: From: Bruce Ellis To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Content-Type: multipart/alternative; boundary=bcaec53f2e37e75e940509972fb6 Subject: Re: [9fans] Debian bug 737206 - rc shell uses insecurely /tmp Topicbox-Message-UUID: 3573f4da-ead9-11e9-9d60-3106f5b1d025 --bcaec53f2e37e75e940509972fb6 Content-Type: text/plain; charset=UTF-8 As in "I have ties older than your /tmp". On 7 December 2014 at 05:29, Charles Forsyth wrote: > > On Sat, Dec 6, 2014 at 5:22 AM, wrote: > >> 40 years on, you'd think someone would deal with it. > > > The point I was trying to make is that it was realised early on (eg, when > time-sharing at universities) > that a shared /tmp was a problem. Hacks such as +s or special schemes for > allocating files don't really > address the problem. > > Now look at that number: 40. Four decades. During that time there has been > any amount of foolish > crud added to this or that kernel, distribution ,graphics subsystem, > standards, ... but instead of fixing > it after 4 0 years, we get notes explaining that it's the application's > business, in this case the shell, > or perhaps the underlying library, to try to address "security issues" > instead of fixing it, once for all. > After 40 years (more than a generation). > --bcaec53f2e37e75e940509972fb6 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
As in "I have ties older than your /tmp".
<= div class=3D"gmail_extra">
On 7 December 2014= at 05:29, Charles Forsyth <charles.forsyth@gmail.com> wrote:

On Sat, Dec 6,= 2014 at 5:22 AM, <lucio@proxima.alt.za> wrote:
40 years on, you'd think someone would deal w= ith it.

The point I was trying to make is that= it was realised early on (eg, when time-sharing at universities)
that a shared /tmp was a problem. Hacks such as +s o= r special schemes for allocating files don't really
address the problem.

Now look at that number: 40. Four decades. Duri= ng that time there has been any amount of foolish
crud added to this or that kernel, distribution ,graphics subsystem,= standards, ... but instead of fixing
it af= ter 4 0 years, we get notes explaining that it's the application's = business, in this case the shell,
or perhap= s the underlying library, to try to address "security issues" ins= tead of fixing it, once for all.
After = 40 years (more than a generation).

--bcaec53f2e37e75e940509972fb6-- From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: To: 9fans@9fans.net Date: Sun, 7 Dec 2014 06:23:39 +0200 From: lucio@proxima.alt.za In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Subject: Re: [9fans] Debian bug 737206 - rc shell uses insecurely /tmp Topicbox-Message-UUID: 3578328e-ead9-11e9-9d60-3106f5b1d025 > +1. this is really an important point. think of all the mega person > years you could save by doing the simple, systemic things to make > the job of maintaining system easier. You are missing an even more important issue here: imagine how much beneficial impact such a radical break with tradition would have had on the mindset of the community! But we're dealing with conservatism here and not with measurable improvements. Also, and I am on Charles' side on this, _who_ should have done this? Sun Microsystems, Microsoft? And how do we know that it has not been done, but was rejected? The technology is not driven by need but, surprise, surprise, by greed. And, most importantly, it is a complex blend of science and engineering with no moral compass and plenty of money. Is it surprising that it fails to address problems without profitable solutions? My beef with Charles, by the way - and I must have been guilty of the same sin as he - is not that he is mistaken, but that he formulated his criticism in an ambiguous manner, where it is necessary that it should be very clear which of two alternatives he is criticising. I simply wish there was less of that, specially on a mailing list where English is not everyone's mother tongue. Sometimes I can't resist the temptation to bring this to everyone's attention. No offence was intended and if some was taken, I apologize. Lucio. From mboxrd@z Thu Jan 1 00:00:00 1970 From: erik quanstrom Date: Sat, 6 Dec 2014 23:31:51 -0800 To: 9fans@9fans.net Message-ID: In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Subject: Re: [9fans] Debian bug 737206 - rc shell uses insecurely /tmp Topicbox-Message-UUID: 3595e19e-ead9-11e9-9d60-3106f5b1d025 > > +1. this is really an important point. think of all the mega person > > years you could save by doing the simple, systemic things to make > > the job of maintaining system easier. > > You are missing an even more important issue here: imagine how much > beneficial impact such a radical break with tradition would have had > on the mindset of the community! But we're dealing with conservatism > here and not with measurable improvements. > > Also, and I am on Charles' side on this, _who_ should have done this? > Sun Microsystems, Microsoft? conservatism is not the reason. the reason is lack of clear thinking. like the summit guys suggesting pipe1. by the way, i set up an automounter for irix 3 and 4 way back when that set up private temp directories, among other things. it's even been done. - erik From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: <20141203234918.GA27533@free.fr> References: <20141203234918.GA27533@free.fr> Date: Sun, 7 Dec 2014 18:35:53 +0100 Message-ID: Subject: Re: Debian bug 737206 - rc shell uses insecurely /tmp From: anselm@garbe.us To: =?UTF-8?Q?St=C3=A9phane_Aulery?= Cc: rsc@swtch.com, 9trouble@plan9.bell-labs.com, Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Topicbox-Message-UUID: 35a3cd2c-ead9-11e9-9d60-3106f5b1d025 Hi there, On 4 December 2014 at 00:49, St=C3=A9phane Aulery wrote: > I make you pass an open bug report on the Debian bts about rc. > I do not know to whom I should speak. The code comes from 9base, who > just plan9port, etc. Here is the report [1]: > > Package: 9base > Version: 1:6-6 > Severity: important > Tags: security thanks for passing this issue on. I intend to address this issue in the upcoming 9base-7 release. Out of curiosity, does anybody know if current p9p is still affected by this? Presumablyit is just 9base-6, as it is based on a 4 year old p9p pull... BR, Anselm