This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.
Re: [Patch]: upgrade to automake 1.11.1
Joseph S. Myers wrote:
> On Wed, 31 Mar 2010, Jim Meyering wrote:
>> The upload check searches for the offending chmod command
>> which does something equivalent to chmod -R 777 ...
>
> That sounds like it would break uploading new releases of GCC 4.3 and 4.4
> (using automake 1.9.6, and major upgrades are *certainly* inappropriate
> for release branches). GCC does not use "make dist". If you try "make
> dist" at toplevel in either GCC or src it will tell you so.
The risk is relatively low (odds are low that someone will run a
distdir-using rule from a subdir while an attacker is prepared to strike),
but the cost of an exploit could be very high. That is why the upload
guard checks all makefiles, and not just those at the top level.
> Checking for world-writable distributed directories might make sense (that
The net effect (world-writable dist dirs) is not the real risk.
The risk is that while the tarball is being created, the directories
being put into it are world writable, and so can potentially
be made to contain anything. If you or anyone else then uses the
result of that "make dist"-like rule in the wrong way (like untar
and run its configure), you lose.
> would also require the GCC release branches to be changed, but that would
> be a safe change); it makes rather more sense than checking for what a
> user might hypothetically do themselves with "make dist".
Ralf went to some pains to back-port the fix to multiple older versions
of automake, so you should be able to get by with your preferred version
plus that patch.
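As an added illustration (this is not the GNU upload check and not automake's own code), the script below implements a guard in the spirit of the one discussed in the thread: it greps every Makefile, Makefile.am and Makefile.in under a tree, subdirectories included, for a chmod that makes the distdir world-writable while the tarball is being assembled, and separately lists directories that are world-writable on disk, which is the weaker after-the-fact check. The sample makefiles are constructed for the demo and are only modeled on what pre-1.11.1 and 1.11.1-style automake distdir rules look like; the regex, function names and tree layout are assumptions made here.

```shell
#!/bin/sh
# Added example (not the GNU upload check and not automake's own code): a guard
# that scans makefiles for the chmod that leaves a distdir world-writable during
# "make dist", plus an on-disk check for directories that are world-writable now.
# Sample makefiles below are constructed and only modeled on automake's rules.

# Extended regex for the offending chmod, in the two shapes it tends to take:
#   chmod -R 777 "$(distdir)"  /  chmod -R a+w "$(distdir)"
#   find "$(distdir)" -type d ! -perm -777 -exec chmod a+rwx {} \;
WORLD_WRITABLE_CHMOD='chmod[[:space:]]+-R[[:space:]]+(777|a\+w)|perm[[:space:]]+-777.*chmod[[:space:]]+a\+rwx'

# Print every Makefile, Makefile.am and Makefile.in under $1 that contains the
# offending chmod, one path per line, sorted. Prints nothing if the tree is clean.
offending_makefiles() {
    find "$1" -type f \( -name Makefile -o -name Makefile.am -o -name Makefile.in \) \
        -exec grep -lE "$WORLD_WRITABLE_CHMOD" {} + 2>/dev/null | sort
}

# Succeed (exit 0) only if no makefile anywhere under $1 is affected. Subdirectory
# makefiles are covered on purpose: a distdir rule run from a subdir opens the
# same window as one run from the top level.
upload_guard() {
    [ -z "$(offending_makefiles "$1")" ]
}

# The weaker check: directories under $1 that are world-writable right now.
# This only sees the net effect, not the window while the tarball is built.
world_writable_dirs() {
    find "$1" -type d -perm -002 | sort
}

# Build a constructed sample tree under $1:
#   vulnerable/Makefile.in  distdir rule modeled on the pre-1.11.1 automake form
#   fixed/Makefile.in       distdir rule modeled on the 1.11.1 form (755, not 777)
#   nodist/Makefile         a makefile with no distdir rule at all
#   racy/sub                a directory deliberately left world-writable on disk
make_sample_tree() {
    mkdir -p "$1/vulnerable" "$1/fixed" "$1/nodist" "$1/racy/sub"
    chmod 755 "$1/vulnerable" "$1/fixed" "$1/nodist" "$1/racy"
    printf 'distdir: $(DISTFILES)\n\t-find "$(distdir)" -type d ! -perm -777 -exec chmod a+rwx {} \\; -o \\\n\t  ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \\;\n' \
        > "$1/vulnerable/Makefile.in"
    printf 'distdir: $(DISTFILES)\n\t-test -n "$(am__skip_mode_fix)" \\\n\t|| find "$(distdir)" -type d ! -perm -755 -exec chmod u+rwx,go+rx {} \\; -o \\\n\t  ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \\;\n' \
        > "$1/fixed/Makefile.in"
    printf 'all:\n\t$(MAKE) -C src all\n' > "$1/nodist/Makefile"
    chmod 777 "$1/racy/sub"
}

# Stand-alone demo: build the sample tree, run both checks, clean up.
demo_root=$(mktemp -d)
make_sample_tree "$demo_root"
echo "makefiles containing a world-writable chmod:"
offending_makefiles "$demo_root"
if upload_guard "$demo_root"; then
    echo "upload guard: tree is clean"
else
    echo "upload guard: refusing upload"
fi
echo "directories currently world-writable on disk:"
world_writable_dirs "$demo_root"
rm -rf "$demo_root"
```

Run against a real source tree with `upload_guard /path/to/src`; the guard flags the vulnerable makefile and passes the fixed and dist-less ones, while the on-disk check reports only the directory that is already world-writable, which is why the thread treats the makefile scan, not the permission scan, as the real guard.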