On 9/17/23, orbea <or...@riseup.net> wrote: > On Sun, 17 Sep 2023 12:58:00 +0200 > Arsen Arsenović <ar...@gentoo.org> wrote: > >> Alexe Stefan <stefanalex...@gmail.com> writes: >> >> > One is written in shell, the other is written in c.(no problems >> > here) >> >> Not that implementation language matters. >> >> > One is not part of systemd, the other is. >> >> Both work fine without systemd, but the systemd implementation also >> happens not to be unmaintained and happens to be more complete. > > Here are some other implementations I have found, but I am not sure if > they are drop-in replacements or not. > > https://github.com/eweOS/pawprint > https://github.com/juur/tmpfilesd > >> >> > How are they identical. >> >> The last rites message does not say that opentmpfiles and >> systemd-tmpfiles are identical. That'd do a disservice to the >> actually complete, unmaintained, and (currently) non-CVE-affected >> implementation in systemd. >> >> > I use this on my raspi server, works fine. >> >> 'WOMM' is a fairly terrible measure. >> >> > Gentoo really became a systemd distro, further restricting choice by >> > the day. >> >> [ignoring this nonsensical statement, notice put here for clarity] >> >> >> Gentoo devs aren't obliged to maintain software you like to use. >> systemd-utils[tmpfiles] works on all Gentoo systems, including >> non-systemd ones. Until that changes (which is unlikely), I doubt >> there will be much interest in maintaining a fork from inside Gentoo. >> >> Please take up opentmpfiles maintenance. You have >> https://archives.gentoo.org/gentoo-dev/message/689954cc7fd55402dc4c82aa0ac70efb >> to address, and probably some other issues. See >> https://github.com/OpenRC/opentmpfiles/issues/19 for context. >> >> The message above implies that a rewrite in C is necessary. >> >> This should be rather easy. The systemd implementation is only ~4k >> LoC (excluding shared code), so I imagine that a complete >> reimplementation should be far less than 10k. Since this is fairly >> elementary stuff, it should be possible to finish in a weekends time. >> >> Submit a PR to re-add opentmpfiles after you're done. >> >> Looking forward to reviewing your contributions upstream. Have a >> lovely day :-) > > >
There are 2 open pr's on the opentmpfiles github. One removes the security vulnerability, but is non-compliant with the spec, the other is (at least is a start of) a rewrite in c. >As a result, opentmpfiles never should have tried to implement it, but >its authors didn't know about those problems either. And while >implementing tmpfiles in C has certain unavoidable race conditions, >hooooooooo boy is the shell version swiss cheese. There's no safe way >to run chown and chmod (the shell commands) as root in a directory you >don't control, and that's a big part of what opentmpfiles does. The >exploits for the shell version are kindergaren stuff. > Is it really so easy to exploit it? How would you do that?
