[Kernel-packages] [Bug 1938886] Re: rrr:no dh_strip or strip loose setuid bit

2021-10-31 Thread Mathew Hodson
** No longer affects: virtualbox (Ubuntu) ** No longer affects: linux (Ubuntu) ** No longer affects: debugedit (Ubuntu) ** No longer affects: dash (Ubuntu) ** No longer affects: bash (Ubuntu) -- You received this bug notification because you are a member of Kernel Packages, which is subscribe

[Kernel-packages] [Bug 1938886] Re: rrr:no dh_strip or strip loose setuid bit

2021-08-05 Thread Launchpad Bug Tracker
This bug was fixed in the package debhelper - 13.3.4ubuntu2 --- debhelper (13.3.4ubuntu2) impish; urgency=medium * objcopy/strip changed in 2.36.1, not keeping file attributes of the original file. Work around that in dh_strip to write to a temporary file, copying attributes

[Kernel-packages] [Bug 1938886] Re: rrr:no dh_strip or strip loose setuid bit

2021-08-04 Thread Dimitri John Ledkov
** Patch removed: "chmod-reference.patch" https://bugs.launchpad.net/ubuntu/+source/virtualbox/+bug/1938886/+attachment/5515876/+files/chmod-reference.patch ** Patch added: "chmod-reference.patch" https://bugs.launchpad.net/ubuntu/+source/virtualbox/+bug/1938886/+attachment/5515888/+files/

[Kernel-packages] [Bug 1938886] Re: rrr:no dh_strip or strip loose setuid bit

2021-08-04 Thread Ubuntu Foundations Team Bug Bot
** Tags added: patch -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1938886 Title: rrr:no dh_strip or strip loose setuid bit Status in bash package in Ubuntu: Invalid Status in binuti

[Kernel-packages] [Bug 1938886] Re: rrr:no dh_strip or strip loose setuid bit

2021-08-04 Thread Dimitri John Ledkov
** Patch added: "chmod-reference.patch" https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1938886/+attachment/5515876/+files/chmod-reference.patch -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchp

[Kernel-packages] [Bug 1938886] Re: rrr:no dh_strip or strip loose setuid bit

2021-08-04 Thread Dimitri John Ledkov
** Changed in: bash (Ubuntu) Status: New => Invalid ** Changed in: dash (Ubuntu) Status: New => Invalid ** Changed in: debhelper (Ubuntu) Status: New => Triaged ** Changed in: debugedit (Ubuntu) Status: New => Invalid ** Changed in: linux (Ubuntu) Status: New

[Kernel-packages] [Bug 1938886] Re: rrr:no dh_strip or strip loose setuid bit

2021-08-04 Thread Dimitri John Ledkov
Based on https://elixir.bootlin.com/linux/latest/source/fs/inode.c#L1928 it seems that setuid and capabilities will be stipped, thus currently our implementation of dh_strip causes to loose setuid and capabilities. No idea why this is working with fakeroot when Rules-Requires-Root is set to bina

[Kernel-packages] [Bug 1938886] Re: rrr:no dh_strip or strip loose setuid bit

2021-08-04 Thread Dimitri John Ledkov
separately I'm not sure who/what/why stips setuid bits on file creation through redirect. is it like some kind of a CVE in bash/dash? kernel protection? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchp

[Kernel-packages] [Bug 1938886] Re: rrr:no dh_strip or strip loose setuid bit

2021-08-04 Thread Dimitri John Ledkov
- objcopy/strip changed in 2.36.1, not keeping file attributes of the original file. Work around that in dh_strip to write to a temporary file and cat'ing this to the original file to keep the original attributes. which is broken for setuid files. ** Also affects: dash (Ubuntu)