Re: Securing "make check" (CVE-2014-0067)

On Tue, Jul 8, 2014 at 08:21:48PM +0200, Christoph Berg wrote:
> Re: Noah Misch 2014-07-08 <20140708174125(dot)GA1884766(at)tornado(dot)leadboat(dot)com>
> > On Tue, Jul 08, 2014 at 07:02:04PM +0200, Christoph Berg wrote:
> > > Re: Noah Misch 2014-06-08 <20140608135713(dot)GA525142(at)tornado(dot)leadboat(dot)com>
> > > > Here's an update that places the socket in a temporary subdirectory of /tmp.
> > > > The first attached patch adds NetBSD mkdtemp() to libpgport. The second,
> > > > principal, patch uses mkdtemp() to implement this design in pg_regress. The
> > > > corresponding change to contrib/pg_upgrade/test.sh is based on the "configure"
> > > > script's arrangements for its temporary directory.
> > >
> > > Hi,
> > >
> > > I believe pg_upgrade itself still needs a fix. While it's not a
> > > security problem to put the socket in $CWD while upgrading (it is
> > > using -c unix_socket_permissions=0700), this behavior is pretty
> > > unexpected, and does fail if your $CWD is > 107 bytes.
> > >
> > > In f545d233ebce6971b6f9847680e48b679e707d22 Peter fixed the pg_ctl
> > > perl tests to avoid that problem, so imho it would make even more
> > > sense to fix pg_upgrade which could also fail in production.
> >
> > +1. Does writing that patch interest you?
>
> I'll give it a try once I've finished this CF review.

OK. Let me know if you need help.

--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ Everyone has their own god. +