severity #927395 wishlist
thanks

On Thu, Apr 18, 2019 at 09:44:05PM +0800, 積丹尼 Dan Jacobson wrote:
> $ cat /var/log/apt/history.log
> Start-Date: 2019-04-18 01:32:49
> Upgrade: exim4-base:amd64 (4.92-5, 4.92-6), openssl:amd64 (1.1.1b-1,
> 1.1.1b-2), unicode-data:amd64 (12.0.0-1, 12.1.0~pre1-1),
> exim4-daemon-light:amd64 (4.92-5, 4.92-6), rsyslog:amd64 (8.1903.0-4,
> 8.1904.0-1), exim4-config:amd64 (4.92-5, 4.92-6), exim4:amd64 (4.92-5,
> 4.92-6), libssl1.1:amd64 (1.1.1b-1, 1.1.1b-2), libfaad2:amd64 (2.8.8-1,
> 2.8.8-2)
> End-Date: 2019-04-18 01:32:56
>
> some process did a touch(1) or otherwise changing
> $ stat /etc/exim4/update-exim4.conf.conf
> File: /etc/exim4/update-exim4.conf.conf
> Size: 1154 Blocks: 8 IO Block: 4096 regular file
> Device: 803h/2051d Inode: 524387 Links: 1
> Access: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
> Modify: 2019-04-18 01:32:53.473019451 +0800 <------------THIS
> Change: 2019-04-18 01:32:53.477019558 +0800

This is probably the debconf-driven generation of ue4cc that happens
during package upgrades. Things have always been that way, and I bet
that a hundred other packages do the same thing. The file belongs to the
package and IMO it is ok to expect that a file that belongs to a package
changes during an update.

To avoid this, one would need to write the output to
update.exim4.conf.conf.temp, compare checksums and only move the temp
file to the real file if they are different. This probably opens the
possibility of five insecure temp file name, cruft left around bugs and
in addition a bunch of nice race conditions. I am unsure whether this is
really worth the trouble.

> causing alarm bells to ring on my homebrew security system.

Local problem ;-) lowering severity.

> (Plus I bet it is a policy violation.)

citation needed

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mail address in header
Leimen, Germany    |  lose things."    Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421
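
The write-to-temp, compare, move-only-if-different approach discussed in the reply above, as an added example that is not part of the original mail or of the exim4 packaging. The helper name `install_if_changed`, its return codes and the default mode 0644 are assumptions; it addresses the three failure modes the reply names (predictable temp name, leftover cruft, races on replacement).

```shell
#!/bin/sh
# Added example, not from the exim4 packaging. install_if_changed is a
# hypothetical helper: new content on stdin, TARGET as $1, optional mode as $2.
# Returns 0 if TARGET was replaced, 1 if left untouched, 2 on error.
install_if_changed() {
    target=$1
    mode=${2:-0644}                      # assumed default, matches the stat output
    dir=$(dirname -- "$target")
    base=$(basename -- "$target")

    # mktemp picks an unpredictable name and creates the file exclusively
    # (mode 0600), which rules out the predictable-name problem of a fixed
    # ".temp" suffix. Using the target's own directory keeps the later mv a
    # single rename(2) on one filesystem.
    tmp=$(mktemp "$dir/.$base.XXXXXX") || return 2
    trap 'rm -f -- "$tmp"; exit 1' HUP INT TERM   # no cruft if interrupted

    if ! cat >"$tmp"; then
        rc=2
    elif [ -f "$target" ] && cmp -s -- "$tmp" "$target"; then
        rc=1                             # identical: inode, mtime and ctime stay as they were
    elif chmod "$mode" "$tmp" && mv -f -- "$tmp" "$target"; then
        rc=0                             # readers see the old or the new file, never a partial one
    else
        rc=2
    fi

    rm -f -- "$tmp"                      # no-op after a successful mv
    trap - HUP INT TERM
    return "$rc"
}
```

A file-integrity monitor keyed on mtime, ctime or inode stays quiet in the return-1 case and fires only when the content really changed.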

