Re: Securing "make check" (CVE-2014-0067)

YAMAMOTO Takashi <yamt@netbsd.org>

From: yamt@netbsd.org (YAMAMOTO Takashi)
To: noah@leadboat.com
Cc: bruce@momjian.us, tgl@sss.pgh.pa.us, pgsql-hackers@postgresql.org
Date: 2014-04-04T11:11:56Z
Lists: pgsql-hackers
> On Fri, Apr 04, 2014 at 02:36:05AM +0000, YAMAMOTO Takashi wrote:
>> > Thanks.  To avoid socket path length limitations, I lean toward placing the
>> > socket temporary directory under /tmp rather than placing under the CWD:
>> > 
>> > http://www.postgresql.org/message-id/flat/20121129223632.GA15016@tornado.leadboat.com
>> 
>> openvswitch has some tricks to overcome the socket path length
>> limitation using symlink.  (or procfs where available)
>> iirc these were introduced for debian builds which use deep CWD.
> 
> That's another reasonable approach.  Does it have a notable advantage over
> placing the socket in a subdirectory of /tmp?  Offhand, the security and
> compatibility consequences look similar.

an advantage is that the socket can be placed under CWD
and thus automatically obeys its directory permissions etc.

YAMAMOTO Takashi

> 
> -- 
> Noah Misch
> EnterpriseDB                                 http://www.enterprisedb.com
> 
> 
> -- 
> Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-hackers


Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Have config_sspi_auth() permit IPv6 localhost connections.

  2. Lock down regression testing temporary clusters on Windows.

  3. Use a separate temporary directory for the Unix-domain socket

  4. Secure Unix-domain sockets of "make check" temporary clusters.