[debian-edu-commits] debian-edu/ 68/183: - Better explain need for gconf path file adaption (in both debconf-note, and README file - Avoid potential security problems spotted by Aaron M. Ucko (ref. bug ##309978) - place proposed gconf path file in /usr/share/desktop-profiles and link from doc dir (also spotted by Aaron)
Alexander Alemayhu
ccscanf-guest at moszumanska.debian.org
Wed Jun 11 16:48:34 UTC 2014
This is an automated email from the git hooks/post-receive script.
ccscanf-guest pushed a commit to branch master
in repository desktop-profiles.
commit 6d5e1448d92dbc1529fef6e65cc5e2a4c1a96f5b
Author: Bart Cornelis <cobaco at linux.be>
Date: Sat May 21 01:31:02 2005 +0000
- Better explain need for gconf path file adaption (in both debconf-note, and
README file
- Avoid potential security problems spotted by Aaron M. Ucko
(ref. bug ##309978)
- place proposed gconf path file in /usr/share/desktop-profiles and link from
doc dir (also spotted by Aaron)
---
20desktop-profiles_activateDesktopProfiles | 37 ++++++++++++++++++++++--------
README | 33 +++++++++++++++++++++-----
debian/changelog | 12 ++++++++++
debian/po/nl.po | 16 ++++++-------
debian/po/templates.pot | 26 ++++++++++++---------
debian/postinst | 14 +++++------
debian/rules | 4 ++--
debian/templates | 24 +++++++++++--------
path | 15 +++++++-----
9 files changed, 122 insertions(+), 59 deletions(-)
diff --git a/20desktop-profiles_activateDesktopProfiles b/20desktop-profiles_activateDesktopProfiles
index f9bc52e..6450c88 100644
--- a/20desktop-profiles_activateDesktopProfiles
+++ b/20desktop-profiles_activateDesktopProfiles
@@ -173,22 +173,41 @@ activate_GCONF () {
# needs to contain a include directive for this generated file. (preferably it should
# contain _only_ that include directive setting everything else up through profiles)
- # only generate path files for user if it will be included
- if (grep '/var/cache/desktop-profiles/\$(USER)_mandatory.path' /etc/gconf/2/path 2>&1 > /dev/null ) ||
- (grep '/var/cache/desktop-profiles/\$(USER)_defaults.path' /etc/gconf/2/path 2>&1 > /dev/null ) ||
- (grep '/var/cache/desktop-profiles/\$(USER)_mandatory.path' /etc/gconf/1/path 2>&1 > /dev/null ) ||
- (grep '/var/cache/desktop-profiles/\$(USER)_defaults.path' /etc/gconf/1/path 2>&1 > /dev/null ); then
+ # only generate path files for user if they will be included
+ if (grep 'include *\$(XDG_CACHE_HOME)/\$(MANDATORY_PATH)' /etc/gconf/2/path 2>&1 > /dev/null ) ||
+ (grep 'include *\$(XDG_CACHE_HOME)/\$(DEFAULTS_PATH)' /etc/gconf/2/path 2>&1 > /dev/null ) ||
+ (grep 'include *\$(XDG_CACHE_HOME)/\$(MANDATORY_PATH)' /etc/gconf/1/path 2>&1 > /dev/null ) ||
+ (grep 'include *\$(XDG_CACHE_HOME)/\$(DEFAULTS_PATH)' /etc/gconf/1/path 2>&1 > /dev/null ); then
INCLUDED_HOME=false;
- echo "# Generated by desktop-profiles package" > "$PROFILE_PATH_FILES_DIR/${USER}_mandatory.path";
- echo "# Generated by desktop-profiles package" > "$PROFILE_PATH_FILES_DIR/${USER}_defaults.path";
+
+ # We need to use random names in a directory only accessible by the user because of security:
+ # - if (generated) path file isn't there all is fine
+ # - if (generated) path file is there and the permissions on it allow $USER to write all is fine
+ # (as it's regenerated on login)
+ # - if (generated) path file is there (possibly changed by attacker) and the permissions on it do
+ # not allow $USER to write things are not fine (as regeneration fails, and configuration sources
+ # by attacker will be used).
+ # Attacker can be $USER hirself (to avoid mandatory settings form sysadmin), or if file is in a
+ # directory that's writeable by someone else a third party
+ XDG_CACHE_HOME=${XDG_CACHE_HOME:-$HOME/.cache}; mkdir -p $XDG_CACHE_HOME;
+ MANDATORY_PATH=$(tempfile --directory $XDG_CACHE_HOME);
+ DEFAULTS_PATH=$(tempfile --directory $XDG_CACHE_HOME);
+
+ # $XDG_CACHE_HOME is not supposed to contain anything that can't be deleted
+ # so we can do this to avoid leaving old generated files from previous logins laying around
+ rm $(grep '^# Generated by desktop-profiles package$' $XDG_CACHE_HOME/*);
+
+ # add marker to generated file, both so we can find it again later, and to indicate origin
+ echo "# Generated by desktop-profiles package" > "$XDG_CACHE_HOME/$MANDATORY_PATH";
+ echo "# Generated by desktop-profiles package" > "$XDG_CACHE_HOME/$DEFAULTS_PATH";
cat $GCONF_FILE | while read LINE; do
if (test "$LINE" != 'xml:readwrite:$(HOME)/.gconf'); then
if (test $INCLUDED_HOME = false); then
- echo $LINE >> "$PROFILE_PATH_FILES_DIR/${USER}_mandatory.path";
+ echo $LINE >> "$XDG_CACHE_HOME/$MANDATORY_PATH";
else
- echo $LINE >> "$PROFILE_PATH_FILES_DIR/${USER}_defaults.path";
+ echo $LINE >> "$XDG_CACHE_HOME/$DEFAULTS_PATH";
fi;
else
INCLUDED_HOME=true;
diff --git a/README b/README
index 7b436bd..193e731 100644
--- a/README
+++ b/README
@@ -13,6 +13,32 @@ KNOWN BUGS
description contains a single quote, it doesn't show the details, and will
mess up the metadata file when changing it
+NEEDED CHANGES TO DEFAULT GCONF PATH FILE (for gconf profiles to work)
+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
+Basically what desktop-profiles does in regard to gconf configuration sources
+is to provide an alternative means of managing them (as opposed through just
+using the default path files). The advantages being:
+- being able to activate different profiles for different groups of users
+ easily
+- being able to use the same mechanism to control crossdesktop configuration
+ (XDG_CONFIG profiles), or profiles for profiles for other desktops.
+
+In order for this to work you need to change the default system-wide gconf
+path file (/etc/gconf/2/path) to:
+- at a minimum include the following 2 directives
+ include $(XDG_CACHE_HOME)/$(MANDATORY_PATH)
+ include $(XDG_CACHE_HOME)/$(DEFAULTS_PATH)
+ respectively before and after any user-controlled sources are included.
+-ideally you'd have just those 2 directives and the user-controlled sources in
+ the system-wide path file, managing any additional configuration sources with
+ desktop-profiles.
+
+A Path file that assumes the latter option, and that will reproduce the default
+behavior of gconf (when no additional sources are known to desktop-profiles)
+is available in /urs/share/doc/desktop-profiles/examples.
+Running `dpkg-reconfigure desktop-profiles` provides a hook to activate the path
+file proposed by this desktop-profiles.
+
NOTE FOR DEBIAN-EDU USERS
=-=-=-=-=-=-=-=-=-=-=-=-=
Debian-edu users should make sure they have a .listing file with metadata for
@@ -25,9 +51,4 @@ BUILDING KDE-PROFILES
=-=-=-=-=-=-=-=-=-=-=
There is a graphical tool called kiosk-tool available to aid in the creation
and maintenance of KDE profiles (regardless of wether they use kiosk
-features). It's not currently available in .deb form, the upstream webpage is
-http://extragear.kde.org/apps/kiosktool/ (1.0 version compiles cleanly with the
-usual './configure; make' invocation).
-
-There's an ITP filed (bug #267595), any progress on a deb package should be
-listed there.
+features). It's available from unstable, as the kiosktool package.
diff --git a/debian/changelog b/debian/changelog
index 274a1ed..c0bab7a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,15 @@
+desktop-profiles (1.4.6) UNRELEASED; urgency=low
+
+ * Put generated path files into XDG_CACHE_HOME, and randomize file names
+ to avoid succesfull attack, and put proposed path file into
+ /usr/share/desktop-profiles as per policy 12.3.
+ Thanks to Aaron M. Ucko for pointing these out (Closes: 309978)
+ * Added extended note about replacing/changing default gconf path file
+ in README file, also changed wording of debconf to be more informative
+ about why this is necessary
+
+ -- Bart Cornelis (cobaco) <cobaco at linux.be> Sat, 21 May 2005 03:14:47 +0200
+
desktop-profiles (1.4.5) unstable; urgency=low
* list-desktop-profiles now validates precedence filters equasions
diff --git a/debian/po/nl.po b/debian/po/nl.po
index 8fd1f02..0dae745 100644
--- a/debian/po/nl.po
+++ b/debian/po/nl.po
@@ -15,8 +15,8 @@ msgid ""
msgstr ""
"Project-Id-Version: desktop-profiles\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2005-02-20 14:11+0100\n"
-"PO-Revision-Date: 2005-02-21 19:17+0100\n"
+"POT-Creation-Date: 2005-05-21 03:23+0200\n"
+"PO-Revision-Date: 2005-05-21 03:23+0100\n"
"Last-Translator: Bart Cornelis <cobaco at linux.be>\n"
"Language-Team: debian-l10n-dutch <debian-l10n-dutch at lists.debian.org>\n"
"MIME-Version: 1.0\n"
@@ -33,18 +33,18 @@ msgstr "Systeemwijd 'path'-bestand vervangen?"
#. Type: boolean
#. Description
#: ../templates:4
-msgid "The default gconf (i.e. GNOME) setup doesn't facilitate the use of profiles for certain groups only. The approach used by this package does. To have gconf use the approach of this package the system-wide gconf 'path' file needs to be replaced by one provided by this package."
-msgstr "De default gconf (en dus GNOME) instellingen ondersteunen het gebruik van profielen voor bepaalde groepen niet. Dit pakket voorziet een aanpak die dit wel ondersteund. Om ervoor te zorgen dat gconf de aanpak van dit pakket gebruikt dient het systeemwijde 'path'-bestand vervangen te worden door het door dit pakket voorziene 'path'-bestand."
+msgid "The default gconf (i.e. GNOME) setup doesn't facilitate the use of profiles for certain groups only. This package provides an alternative way to manage gconf configuration sources that does. In order to activate this alternative way of managing your configuration sources the system-wide gconf 'path' file (/etc/gconf/<gconf-version>/path) needs to be adapted."
+msgstr "De standaard manier waarmee gconf (en dus GNOME) configuratiebronnen beheert biedt geen ondersteunen voor het conditioneel activeren van bronnen. Dit pakket voorziet een alternatieve aanpak die dit wel ondersteund. Om ervoor te zorgen dat gconf de aanpak van dit pakket gebruikt dient het systeemwijde 'path'-bestand (/etc/gconf.<gconf-version>/path) aangepast te worden."
#. Type: boolean
#. Description
#: ../templates:4
-msgid "Doing so won't change the default behaviour of gconf but it will allow the subsequent installation and activation of gconf profiles. Thus it is recommended that you let me replace the default system-wide gconf 'path' file."
-msgstr "Dit veranderdt het standaardgedrag van gconf niet, maar laat wel toe om later gconf profielen te installeren en te activeren. Het is bijgevolg aan te raden om het default systeemwijde 'path'-bestand te vervangen."
+msgid "This package includes an replacement system-wide gconf 'path' file that will reproduce the default behaviour of gconf, but will also allow the subsequent installation and activation of gconf configuration sources through desktop-profiles. It is recommended that you let me replace the default system-wide gconf 'path' file."
+msgstr "Dit pakket bevat een voorgestelde vervanging voor het systeemwijde 'path'-bestand, dat het standaardgedrag van gconf behoud, en bijkomend de installatie van extra configuratiebronnen via desktop-profiles toelaat. U wordt aangeraden om het standaard systeem-wijde gconf 'path'-bestand te vervangen."
#. Type: boolean
#. Description
#: ../templates:4
-msgid "You can always do this later by running `dpkg-reconfigure desktop-profiles', or by manually replacing /etc/gconf/<gconf-version>/path with /usr/share/doc/desktop-profiles/examples/path."
-msgstr "U kunt dit altijd later doen via het commando 'desktop-reconfigure desktop-profiles', of door handmatig /etc/gconf/<gconf-version>path te vervangen door /usr/share/doc/desktop-profiles/examples/path"
+msgid "If you choose not to replace the default gconf 'path' file at this point, you can always do this later by running `dpkg-reconfigure desktop-profiles', or by manually replacing /etc/gconf/<gconf-version>/path with /usr/share/desktop-profiles/path, or another 'path' file as described in /usr/share/doc/desktop-profiles/README."
+msgstr "Als u ervoor kiest om het standaard gconf 'path'-bestand nu niet te vervangen, kunt u dit altijd later doen via het commando 'desktop-reconfigure desktop-profiles', of door handmatig /etc/gconf/<gconf-version>path te vervangen door /usr/share/desktop-profiles/path, of een ander 'path'-bestand zoals beschreven in /usr/share/doc/desktop-profiles/README"
diff --git a/debian/po/templates.pot b/debian/po/templates.pot
index 902d590..589ebfb 100644
--- a/debian/po/templates.pot
+++ b/debian/po/templates.pot
@@ -16,7 +16,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2005-02-20 14:11+0100\n"
+"POT-Creation-Date: 2005-05-21 03:23+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL at ADDRESS>\n"
"Language-Team: LANGUAGE <LL at li.org>\n"
@@ -35,26 +35,30 @@ msgstr ""
#: ../templates:4
msgid ""
"The default gconf (i.e. GNOME) setup doesn't facilitate the use of profiles "
-"for certain groups only. The approach used by this package does. To have "
-"gconf use the approach of this package the system-wide gconf 'path' file "
-"needs to be replaced by one provided by this package."
+"for certain groups only. This package provides an alternative way to manage "
+"gconf configuration sources that does. In order to activate this "
+"alternative way of managing your configuration sources the system-wide "
+"gconf 'path' file (/etc/gconf/<gconf-version>/path) needs to be adapted."
msgstr ""
#. Type: boolean
#. Description
#: ../templates:4
msgid ""
-"Doing so won't change the default behaviour of gconf but it will allow the "
-"subsequent installation and activation of gconf profiles. Thus it is "
-"recommended that you let me replace the default system-wide gconf 'path' "
-"file."
+"This package includes an replacement system-wide gconf 'path' file that will "
+"reproduce the default behaviour of gconf, but will also allow the subsequent "
+"installation and activation of gconf configuration sources through desktop-"
+"profiles. It is recommended that you let me replace the default system-wide "
+"gconf 'path' file."
msgstr ""
#. Type: boolean
#. Description
#: ../templates:4
msgid ""
-"You can always do this later by running `dpkg-reconfigure desktop-profiles', "
-"or by manually replacing /etc/gconf/<gconf-version>/path with /usr/share/doc/"
-"desktop-profiles/examples/path."
+"If you choose not to replace the default gconf 'path' file at this point, "
+"you can always do this later by running `dpkg-reconfigure desktop-profiles', "
+"or by manually replacing /etc/gconf/<gconf-version>/path with /usr/share/"
+"desktop-profiles/path, or another 'path' file as described in /usr/share/"
+"doc/desktop-profiles/README."
msgstr ""
diff --git a/debian/postinst b/debian/postinst
index 3ff2eee..6e92d47 100755
--- a/debian/postinst
+++ b/debian/postinst
@@ -12,18 +12,18 @@ if (test "$RET" = true); then
# if gconf 2 path file is present and doesn't include the generated path file
# then replace path file
if (test -e /etc/gconf/2/path) ; then
- if ! ( (grep '/var/cache/desktop-profiles/\$(USER)_mandatory.path' /etc/gconf/2/path > /dev/null) ||
- (grep '/var/cache/desktop-profiles/\$(USER)_defaults.path' /etc/gconf/2/path > /dev/null) ); then
+ if ! ( (grep 'include *\$(XDG_CACHE_HOME)/\$(MANDATORY_PATH)' /etc/gconf/2/path 2>&1 > /dev/null ) ||
+ (grep 'include *\$(XDG_CACHE_HOME)/\$(DEFAULTS_PATH)' /etc/gconf/2/path 2>&1 > /dev/null ) ); then
mv /etc/gconf/2/path /etc/gconf/2/path.pre-desktop-profiles;
- cp /usr/share/doc/desktop-profiles/examples/path /etc/gconf/2/path;
+ cp /usr/share/desktop-profiles/path /etc/gconf/2/path;
fi;
# if gconf 1 path file is present and doesn't include the generated path file
# then replace path file
elif (test -e /etc/gconf/2/path) ; then
- if ! ( (grep '/var/cache/desktop-profiles/\$(USER)_mandatory.path' /etc/gconf/1/path > /dev/null) ||
- (grep '/var/cache/desktop-profiles/\$(USER)_defaults.path' /etc/gconf/1/path > /dev/null) ); then
- mv /etc/gconf/2/path /etc/gconf/1/path.pre-desktop-profiles;
- cp -f /usr/share/doc/desktop-profiles/examples/path /etc/gconf/1/path;
+ if ! ( (grep 'include *\$(XDG_CACHE_HOME)/\$(MANDATORY_PATH)' /etc/gconf/1/path 2>&1 > /dev/null ) ||
+ (grep 'include *\$(XDG_CACHE_HOME)/\$(DEFAULTS_PATH)' /etc/gconf/1/path 2>&1 > /dev/null ) ); then
+ mv /etc/gconf/1/path /etc/gconf/1/path.pre-desktop-profiles;
+ cp -f /usr/share/desktop-profiles/path /etc/gconf/1/path;
fi;
fi;
fi;
diff --git a/debian/rules b/debian/rules
index 1fd4235..6ccc664 100755
--- a/debian/rules
+++ b/debian/rules
@@ -37,10 +37,10 @@ binary-indep: build install
dh_installchangelogs
dh_installdocs
dh_installmenu
- dh_installexamples path
dh_installman desktop-profiles.7 list-desktop-profiles.1 dh_installlisting.1 profile-manager.1
dh_install dh_installlisting profile-manager usr/bin
- dh_install listingmodule usr/share/desktop-profiles/
+ dh_install listingmodule path usr/share/desktop-profiles/
+ dh_link usr/share/desktop-profiles/path usr/share/doc/desktop-profiles/examples/path
dh_install list-desktop-profiles usr/bin/
dh_install profile-manager.kmdr usr/share/desktop-profiles/kommander-scripts/
dh_install desktop-profiles etc/default
diff --git a/debian/templates b/debian/templates
index dfa3471..00a6b98 100644
--- a/debian/templates
+++ b/debian/templates
@@ -3,15 +3,19 @@ Type: boolean
Default: false
_Description: Replace the default system-wide 'path' file?
The default gconf (i.e. GNOME) setup doesn't facilitate the use of
- profiles for certain groups only. The approach used by this package does.
- To have gconf use the approach of this package the system-wide gconf 'path'
- file needs to be replaced by one provided by this package.
+ profiles for certain groups only. This package provides an alternative way to
+ manage gconf configuration sources that does. In order to activate this
+ alternative way of managing your configuration sources the system-wide
+ gconf 'path' file (/etc/gconf/<gconf-version>/path) needs to be adapted.
.
- Doing so won't change the default behaviour of gconf but it will allow the
- subsequent installation and activation of gconf profiles. Thus it is
- recommended that you let me replace the default system-wide gconf 'path'
- file.
+ This package includes an replacement system-wide gconf 'path' file that will
+ reproduce the default behaviour of gconf, but will also allow the subsequent
+ installation and activation of gconf configuration sources through
+ desktop-profiles. It is recommended that you let me replace the default
+ system-wide gconf 'path' file.
.
- You can always do this later by running `dpkg-reconfigure desktop-profiles',
- or by manually replacing /etc/gconf/<gconf-version>/path with
- /usr/share/doc/desktop-profiles/examples/path.
+ If you choose not to replace the default gconf 'path' file at this point, you
+ can always do this later by running `dpkg-reconfigure desktop-profiles', or
+ by manually replacing /etc/gconf/<gconf-version>/path with
+ /usr/share/desktop-profiles/path, or another 'path' file as
+ described in /usr/share/doc/desktop-profiles/README.
diff --git a/path b/path
index 416e82d..00efef3 100644
--- a/path
+++ b/path
@@ -1,14 +1,17 @@
#
-# This path file is meant to be used in conjunction with the desktop-profiles
-# package, default behaviour (withouth additional gconf profiles installed,
-# is identical to the behaviour using the default gconf path file as deliverd
-# by the gconf2 pacakge
+# This gconf path file is meant to be used in conjunction with the
+# desktop-profiles package,
+#
+# Default gconf behaviour using this path file with desktop-profiles installed
+# is identical to the behaviour using the default path file from the gconf2
+# pacakge, but allowing activation of additional configuration sources through
+# desktop-profiles
#
# See the desktop-profiles (7) man page for more information
###############################################################################
# Look for mandatory "configuration sources" from desktop-profiles
-include /var/cache/desktop-profiles/$(USER)_mandatory.path
+include $(XDG_CACHE_HOME)/$(MANDATORY_PATH)
# Now see where users want us to look - basically the user can stick arbitrary
# sources in a ~/.gconf.path file and they're inserted here
@@ -18,4 +21,4 @@ include "$(HOME)/.gconf.path"
xml:readwrite:$(HOME)/.gconf
# Look for default "configuration sources" from desktop-profiles
-include /var/cache/desktop-profiles/$(USER)_defaults.path
+include $(XDG_CACHE_HOME)/$(DEFAULTS_PATH)
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-edu/pkg-team/desktop-profiles.git
More information about the debian-edu-commits
mailing list