[Pkg-gnupg-maint] Bug#485458: gnupg: crashes with "Ohhhh jeeeee: ... this is a bug"

Daniel Leidert daniel.leidert at wgdd.de
Mon Jun 9 18:57:28 UTC 2008


On Monday, 09.06.2008, at 18:45 +0200, Alexandre Fayolle wrote:

> I have a program at work which is used to automate some tasks related
> to Debian package management (automating some checks and uploading
> packages to a local repository). To avoid permission issues, the
> executable is setuid to a user which is the owner of the repositories:
> 
> alf at crater:~$ ls -l /usr/bin/ldi
> -rwsr-sr-x 1 debinstall debinstall 4448 fév  6 11:02 /usr/bin/ldi
> 
> It worked fine until recently, when the signature checks run by the
> program started failing with a very weird error message:
> 
> gpg: Ohhhh jeeee: ... this is a bug (../../g10/gpg.c:2052:main)
> secmem usage: 0/0 bytes in 0/0 blocks of pool 0/32768
> 
> This thread
> (http://lists.gnupg.org/pipermail/gnupg-users/2006-August/029097.html)
> suggests that the setuid bit is responsible for the crash. However the
> program has been working correctly since February (the machine is
> running unstable but is not upgraded very often). 
> 
> I think the change introduced in 1.4.6-2.2 broke this behaviour (Do not install
> gpg setuid root, this is not necessary anymore since  Linux kernel
> 2.6.9. (Closes: #356550, #346597, #453122)) ? If I chmod u+s
> /usr/bin/gpg, my ldi command works fine again. 

You can overwrite the package permissions via dpkg-statoverride to get
the setuid bit and you just need to do this once. I don't know your
program so I don't know if running gnupg with the setuid bit is the
only choice you have, but normally I would doubt that. However,
dpkg-statoverride IMO is the correct choice here and not reverting the
change.

Other opinions?

Regards, Daniel
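
The dpkg-statoverride step suggested in the reply above, as an added example that is not part of the original message. The owner root:root, the mode 4755, the `--apply` switch and the helper function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: register a local permission override once so that the
# mode of a packaged binary survives package upgrades, and check the result.
# Assumed values (not from the thread): owner root:root, mode 4755.

# True if the file currently has the setuid bit set.
is_setuid() {
    [ -u "$1" ]
}

# Print the override dpkg has registered for a path, or nothing.
# dpkg-statoverride --list exits non-zero when nothing matches.
current_override() {
    dpkg-statoverride --list "$1" 2>/dev/null || true
}

# Register owner/group/mode for a path unless an override already exists.
# --update also applies the mode to the installed file immediately.
ensure_override() {
    owner=$1 group=$2 mode=$3 path=$4
    existing=$(current_override "$path")
    if [ -n "$existing" ]; then
        echo "override already registered: $existing"
        return 0
    fi
    dpkg-statoverride --update --add "$owner" "$group" "$mode" "$path"
}

# Run as root with --apply to make the change; without it nothing is modified.
if [ "${1:-}" = "--apply" ]; then
    ensure_override root root 4755 /usr/bin/gpg
    if is_setuid /usr/bin/gpg; then
        echo "/usr/bin/gpg is setuid"
    fi
fi

# To review later which local overrides exist:  dpkg-statoverride --list
# To drop this one again (file mode is left unchanged until reset or upgrade):
#   dpkg-statoverride --remove /usr/bin/gpg
```
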





