erlware / relx

Sane, simple release creation for Erlang
http://erlware.github.io/relx
Apache License 2.0

bin/ directory must be writable by the running user #671

Closed eldarko closed 5 years ago

eldarko commented 6 years ago

By the innocent commit https://github.com/erlware/relx/commit/310b7047a2dba4d4ed6ef8ef52a96456073e0c16 a security issue was introduced.

Normally the service runs under a non-privileged user.

Since Erlang programs can't setuid() in our FreeBSD environment, it is accomplished by running the bin/service script via su. I think the concept is the same for Linux/Windows.

Meanwhile the package binaries/scripts themselves are owned by a privileged user (unix: root). At least it protects those files from being modified by remote or local attacks.

Since the committed code creates new files in the bin/ directory by running sed, it now requires write permission to the directory. And it sounds bad.

Moreover, some package managers keep track of installed files, and a new hash sum for the modified nodetool could mislead such tools.

Could somebody propose a workaround or a concept of fixing it?

tsloughter commented 6 years ago

@eldarko thanks. Good point.

@juise can the new file be written to a temp directory/file?

juise commented 6 years ago

@eldarko thanks a lot, nice catch.

@tsloughter yeah, we should keep this file in some other place, or rethink this behavior at all. I guess it is better to try to get rid of writing the file
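
One way to act on the temp-directory idea raised in this thread, as an added example that is not relx code and not written by any participant: the sed output goes to a private `mktemp -d` directory, and a checksum listing confirms the installed bin/ tree is untouched. The function names, the `%NAME%` placeholder and the sample `nodetool` content are hypothetical and constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not relx code. All names and paths below are hypothetical.

# render_private SRC SED_EXPR
# Writes the sed-processed copy of SRC into a fresh private directory
# (mktemp -d creates it with mode 0700) and prints the path of the copy.
# SRC and its directory are only read, never written.
render_private() {
    src=$1
    sed_expr=$2
    tmpdir=$(mktemp -d "${TMPDIR:-/tmp}/relx-example.XXXXXX") || return 1
    out="$tmpdir/$(basename "$src")"
    # umask 077 in a subshell: the copy is created owner-only (0600).
    if ! ( umask 077 && sed "$sed_expr" "$src" > "$out" ); then
        rm -rf "$tmpdir"
        return 1
    fi
    printf '%s\n' "$out"
}

# snapshot DIR
# Prints a sorted checksum listing of every file under DIR, so the installed
# tree can be compared before and after the service starts.
snapshot() {
    ( cd "$1" && find . -type f -exec cksum {} + | sort )
}

# Constructed sample: a stand-in for the installed, root-owned bin/ directory.
demo() {
    bin_dir=$(mktemp -d "${TMPDIR:-/tmp}/relx-bin.XXXXXX") || return 1
    printf 'NODE=%%NAME%%\n' > "$bin_dir/nodetool"
    before=$(snapshot "$bin_dir")
    copy=$(render_private "$bin_dir/nodetool" 's/%NAME%/demo/') || return 1
    after=$(snapshot "$bin_dir")
    [ "$before" = "$after" ] && echo "bin/ unchanged; rendered copy at $copy"
    rm -rf "$bin_dir" "$(dirname "$copy")"
}
demo
```

Because the rendered copy lives outside bin/, the directory can stay owned by root and read-only to the service user, and file hashes recorded by a package manager keep matching.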