Re: Securing "make check" (CVE-2014-0067)

Noah Misch <noah@leadboat.com>

From: Noah Misch <noah@leadboat.com>
To: YAMAMOTO Takashi <yamt@netbsd.org>
Cc: bruce@momjian.us, tgl@sss.pgh.pa.us, pgsql-hackers@postgresql.org
Date: 2014-04-04T03:49:54Z
Lists: pgsql-hackers
On Fri, Apr 04, 2014 at 02:36:05AM +0000, YAMAMOTO Takashi wrote:
> > Thanks.  To avoid socket path length limitations, I lean toward placing the
> > socket temporary directory under /tmp rather than placing under the CWD:
> > 
> > http://www.postgresql.org/message-id/flat/20121129223632.GA15016@tornado.leadboat.com
> 
> openvswitch has some tricks to overcome the socket path length
> limitation using symlink.  (or procfs where available)
> iirc these were introduced for debian builds which use deep CWD.

That's another reasonable approach.  Does it have a notable advantage over
placing the socket in a subdirectory of /tmp?  Offhand, the security and
compatibility consequences look similar.

-- 
Noah Misch
EnterpriseDB                                 http://www.enterprisedb.com


Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Have config_sspi_auth() permit IPv6 localhost connections.

  2. Lock down regression testing temporary clusters on Windows.

  3. Use a separate temporary directory for the Unix-domain socket

  4. Secure Unix-domain sockets of "make check" temporary clusters.