Re: Securing "make check" (CVE-2014-0067)

Christoph Berg <cb@df7cb.de>

From: Christoph Berg <cb@df7cb.de>
To: Bruce Momjian <bruce@momjian.us>, Noah Misch <noah@leadboat.com>, pgsql-hackers@postgresql.org, Tom Lane <tgl@sss.pgh.pa.us>, Peter Eisentraut <peter_e@gmx.net>
Date: 2014-07-11T09:40:09Z
Lists: pgsql-hackers

Attachments

Re: To Bruce Momjian 2014-07-11 <20140711093923.GA3115@msg.df7cb.de>
> Re: Bruce Momjian 2014-07-08 <20140708202114.GD9466@momjian.us>
> > > > > I believe pg_upgrade itself still needs a fix. While it's not a
> > > > > security problem to put the socket in $CWD while upgrading (it is
> > > > > using -c unix_socket_permissions=0700), this behavior is pretty
> > > > > unexpected, and does fail if your $CWD is > 107 bytes.
> > > > > 
> > > > > In f545d233ebce6971b6f9847680e48b679e707d22 Peter fixed the pg_ctl
> > > > > perl tests to avoid that problem, so imho it would make even more
> > > > > sense to fix pg_upgrade which could also fail in production.
> > > > 
> > > > +1.  Does writing that patch interest you?
> > > 
> > > I'll give it a try once I've finished this CF review.
> > 
> > OK.  Let me know if you need help.
> 
> Here's the patch. Proposed commit message:
> 
> Create pg_upgrade sockets in temp directories
> 
> pg_upgrade used to use the current directory for UNIX sockets to
> access the old/new cluster.  This fails when the current path is
> > 107 bytes.  Fix by reusing the tempdir code from pg_regress
> introduced in be76a6d39e2832d4b88c0e1cc381aa44a7f86881.  For cleanup,
> we need to remember up to two directories.

Uh... now really.

Christoph
-- 
cb@df7cb.de | http://www.df7cb.de/

Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Have config_sspi_auth() permit IPv6 localhost connections.

  2. Lock down regression testing temporary clusters on Windows.

  3. Use a separate temporary directory for the Unix-domain socket

  4. Secure Unix-domain sockets of "make check" temporary clusters.