[Resolvconf-devel] Bug#819498: Bug#819498: /etc/resolvconf/update.d/resolvconf-update-bind called without CAP_CHOWN from n-m

Thomas Hood jdthood at gmail.com
Fri Apr 1 14:44:51 UTC 2016


Unless bind checks the ownership for some reason, it should be OK to just
remove the chown. Will do for the next release, whose upload I have just
requested from my faithful sponsor.

-- 
Thomas

On 30 March 2016 at 11:12, Marc Haber <mh+debian-bugs at zugschlus.de> wrote:

> On Wed, Mar 30, 2016 at 09:35:32AM +0200, Thomas Hood wrote:
> > I am happy to remove the chown from the (example) script. But are you
> > sure that bind processes the file if the owner is not root:bind?
>
> Mine takes it happily with root:staff. I guess it won't if it can't
> read the file, so the script should make sure to create the file world
> readable, which might introduce a privacy problem iff private
> information is in the file.
>
> Maybe take a look at the source file and spew an error if it isn't
> world readable, so that the local admin can decide whether to make
> the source file world readable or to add CAP_CHOWN to network-manager.
>
> I do not have an idea if a shell script can check for certain
> capabilities, so the script might want to add error handling for the
> chown like
>
> # only try the chown when the file is not already world readable
> if ! stat --format="%A" "$TMP_FILE" | grep -q '^.......r..'; then
>   # root:bind is the ownership the update script currently sets
>   if ! chown root:bind "$TMP_FILE"; then
>     echo >&2 "Error: cannot chown $TMP_FILE, capability missing, see #819498"
>   fi
> fi
>
> (untested)
>
> Greetings
> Marc
>
> --
>
> -----------------------------------------------------------------------------
> Marc Haber         | "I don't trust Computers. They | Mail address in header
> Leimen, Germany    |  lose things."    Winona Ryder | Fon: *49 6224 1600402
> Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421
>
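Marc asks whether a shell script can check for a capability at all. On Linux it can: the effective set is exported as a hex mask on the CapEff line of /proc/self/status, and CAP_CHOWN is capability number 0. The following is an added example, not code from the bug thread or from the resolvconf package; the function names (cap_in_mask, has_cap, world_readable, chown_if_possible) are my own, and root:bind is assumed as the ownership the hook wants, as discussed above.

```shell
#!/bin/sh
# Added example (not from the bug thread): decide in a POSIX shell hook whether
# a chown can succeed, by testing the effective capability set of the process,
# and report a missing CAP_CHOWN instead of failing in an opaque way.

# Return 0 if capability number $2 (CAP_CHOWN is 0) is set in hex mask $1,
# where $1 has the format of the CapEff line in /proc/<pid>/status.
cap_in_mask() {
    mask=$1
    capnum=$2
    len=${#mask}
    # the hex nibble holding this bit, counted from the right, as a 1-based
    # position from the left for cut(1)
    pos=$((len - capnum / 4))
    [ "$pos" -ge 1 ] || return 1
    nibble=$(printf '%s' "$mask" | cut -c "$pos")
    case $nibble in
        [0-9]) val=$nibble ;;
        [aA]) val=10 ;;  [bB]) val=11 ;;  [cC]) val=12 ;;
        [dD]) val=13 ;;  [eE]) val=14 ;;  [fF]) val=15 ;;
        *) return 1 ;;
    esac
    [ $(( (val >> (capnum % 4)) & 1 )) -eq 1 ]
}

# Return 0 if the current process has capability $1 in its effective set
# (Linux only: reads /proc/self/status).
has_cap() {
    mask=$(awk '/^CapEff:/ { print $2 }' /proc/self/status 2>/dev/null)
    [ -n "$mask" ] || return 1
    cap_in_mask "$mask" "$1"
}

# Return 0 if file $1 is readable by "other": the r bit (4) of the last
# octal digit of its mode is set.
world_readable() {
    mode=$(stat -c %a "$1" 2>/dev/null) || return 1
    others=${mode#"${mode%?}"}   # last character of the octal mode
    [ $(( others & 4 )) -ne 0 ]
}

# Hand file $1 to owner:group $2 only when that can work: skip the chown when
# the file is already world readable (the consumer can read it anyway), and
# fail with a clear message when CAP_CHOWN is absent, as it is for a hook run
# from a process whose capabilities were dropped.
chown_if_possible() {
    file=$1
    owner=$2
    if world_readable "$file"; then
        return 0
    fi
    if ! has_cap 0; then
        echo >&2 "Error: cannot chown $file: CAP_CHOWN missing (see #819498)"
        return 1
    fi
    chown "$owner" "$file"
}

# Usage from a hook (assumed names): chown_if_possible "$TMP_FILE" root:bind
```

Testing the capability bit up front, rather than only catching a failed chown, lets the script distinguish "no permission" from other chown failures (a read-only filesystem, a missing user) and tell the local admin which of Marc's two remedies applies: make the source file world readable, or grant CAP_CHOWN to the calling service.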