From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.62) (envelope-from ) id 1I17k7-0004Sg-38 for garchives@archives.gentoo.org; Wed, 20 Jun 2007 21:29:35 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.14.0/8.14.0) with SMTP id l5KLSXvU021734; Wed, 20 Jun 2007 21:28:33 GMT Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by robin.gentoo.org (8.14.0/8.14.0) with ESMTP id l5KLP9gI016775 for ; Wed, 20 Jun 2007 21:25:10 GMT Received: from [69.80.193.15] (hangover.linbsd.net [69.80.193.15]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTP id ABAA1655AE for ; Wed, 20 Jun 2007 21:11:42 +0000 (UTC) Subject: Re: [gentoo-dev] how to handle sensitive files when generating binary packages From: Ned Ludd To: gentoo-dev@lists.gentoo.org In-Reply-To: <200706201557.56872.vapier@gentoo.org> References: <200706200047.04951.vapier@gentoo.org> <20070620124925.e0e7280f.genone@gentoo.org> <200706201557.56872.vapier@gentoo.org> Content-Type: text/plain Organization: Gentoo Linux Date: Wed, 20 Jun 2007 14:11:40 -0700 Message-Id: <1182373900.17528.45.camel@hangover> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 X-Mailer: Evolution 2.8.3 Content-Transfer-Encoding: 7bit X-Archives-Salt: 88097689-9e89-4c38-a4b9-a3f83b248057 X-Archives-Hash: 466b90fb5e718b48acdcac55fa2f1b30 On Wed, 2007-06-20 at 15:57 -0400, Mike Frysinger wrote: > On Wednesday 20 June 2007, Marius Mauch wrote: > > Mike Frysinger wrote: > > > mayhaps we need a new function to be run in src_install() to label > > > files as "sensitive" ... so baselayout would do: > > > esosensitive /etc/{fstab,group,passwd,shadow} > > > and then we expand the format of CONTENTS in the vdb: > > > priv /etc/fstab > > > > And what would be phase 2 of that? Just having a new filetype > > in CONTENTS doesn't accomplish anything by itself ... > > updating any tool that creates binary packages from the live $ROOT of course > silly billy > > current behavior: > # quickpkg baselayout > * Building package for sys-apps/baselayout-1.12.10-r4 > * Packages now in '/usr/portage/pacakges': > * sys-apps/baselayout-1.12.10-r4: 307K > > proposed new behavior (exact output here is not part of the discussion so dont > nit pick it): > # quickpkg baselayout > * Building package for sys-apps/baselayout-1.12.10-r4 > * Skipping sensitive file: /etc/passwd > * Skipping sensitive file: /etc/shadow > * Skipping sensitive file: /etc/group > * Packages now in '/usr/portage/pacakges': > * sys-apps/baselayout-1.12.10-r4: 307K > # quickpkg --iamsensitive baselayout > * Building package for sys-apps/baselayout-1.12.10-r4 > * Including sensitive file: /etc/passwd > * Including sensitive file: /etc/shadow > * Including sensitive file: /etc/group > * Packages now in '/usr/portage/pacakges': > * sys-apps/baselayout-1.12.10-r4: 307K Suggestion: If you go down this "sensitive" route. please ensure that the generated.tbz2 is mode 600 to prevent exposing this sensitive data more than need be. -- Ned Ludd Gentoo Linux -- gentoo-dev@gentoo.org mailing list