glibc post upgrade
Jeff Johnson
n3npq at nc.rr.com
Thu Aug 26 09:37:30 UTC 2004
Stephen Smalley wrote:
>On Wed, 2004-08-25 at 09:54, Jeff Johnson wrote:
>
>
>>That's the point. Lua is embedded, would be run by rpm, and no re-exec
>>because of internal state.
>>
>>
>
>Ok. And the lua "program" would still be extracted from the (possibly
>untrustworthy) package contents, as with current helpers like
>glibc_post_upgrade? So a package can carry arbitrary malicious lua code
>and get it executed by rpm?
>
>
>
Exactly the same as current rpm behavior, yes.
But thanks for explaining the need for distinguishing rpm_t and
rpm_script_t. ;-)
I'll have rpm_script_t into fc3 rpm in a day or two, lua ain't going to
happen soon, or suddenly,
or even only from package tag content, in rpm. Almost certainly lua is
going to happen in rpm though,
as lua scriptlet support is already in rpm HEAD, and there is a need for
embedded scripts in order to accomplish
certain tasks in a near empty chroot without encumbering dependency
baggage. That is/was
the original motivation for /usr/sbin/glibc_post_upgrade, not otherwise.
Malicious code from untrusted package problem not going to be solved by
rpm_script_t alone afaict either.
And the real problem is that glibc_post_upgrade should not be attempting
sshd restart always,
as the need to insure connectivity when modules change occurs only
occaisionally, and could
be handled in other ways like, say, documenting an incompatibility or
avoiding altogether.
73 de Jeff
More information about the selinux
mailing list