Bug#: 202569
Status: RESOLVED
Resolution: FIXED
Assigned To: Printing Team <printing@gentoo.org>
Reporter: Martin von Gagern <Martin.vGagern@gmx.net>

Attachment: a2ps-4.13c-r5.diff (patch, 655 bytes): set COM_netscape to no in ebuild. Creator: Martin von Gagern. Created: 2007-12-17 12:51 0000

Description:   Opened: 2007-12-17 12:46 0000
I got this sandbox violation:
rename:    /opt/netscape/navigator/components/xpti.dat.tmp
rename:    /opt/netscape/navigator/components/xpti.dat.tmp
rename:    /opt/netscape/navigator/components/compreg.dat.tmp
unlink:    /opt/netscape/navigator/update.test
open_wr:   /root/.gconf/.testing.writeability
unlink:    /root/.gconf/.testing.writeability
open_wr:   /root/.gconfd/saved_state
chmod:     /root/.gnome2_private
open_wr:   /root/.gconfd/saved_state
open_wr:   /root/.gconfd/saved_state.tmp

Looked a lot like bug 145048, only this is netscape navigator (using an ebuild
from bug 186954) instead of a browser from the official portage tree. Still I
investigated, to find out what a2ps was doing here. Seems like it would call
netscape to try to figure out whether that program supports remote commands. I
don't particularly like the idea of ebuilds running such programs as root.

The whole point of this check seems to provide a likely default configuration.
I'm not sure whether this is a wanted feature on gentoo at all; I had supposed
that the result of building a package should rely as little on the rest of the
installed packages (and on what configure detects) as possible. In that case
there would probably be a lot of checks to disable by default.

------- Comment #1 From Martin von Gagern 2007-12-17 12:51:56 0000 -------
Created an attachment (id=138728)
set COM_netscape to no in ebuild

This patch to a2ps-4.13c-r5.ebuild tells configure that there is no netscape
available, so it has no cause to run netscape. The corresponding section will
end up as comments in the config file, which I would prefer anyway.

As netscape is never run, there is probably no reason to predict any access to
firefox-specific files. That would need to be tested on different systems,
though, especially on those systems that needed these predictions in the first
place. So I'll post a comment on bug 145048 pointing here.
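
A constructed model of the mechanism comment #1 describes, added here as an example (it is not the attached patch and not a2ps's configure code): a configure-style probe executes `netscape` when it finds it in PATH, and skips the execution when `COM_netscape` is preset. The stub binary, the `--probe` argument and the helper function names are assumptions made for the demonstration.

```shell
#!/bin/sh
# Constructed model of a configure-style probe; NOT a2ps's real configure code.

# Honour a preset COM_netscape; otherwise find "netscape" in PATH and execute
# it to test a feature (the step that runs a third-party binary at build time).
probe_netscape() {
    if [ -n "${COM_netscape:-}" ]; then
        echo "$COM_netscape"      # preset answer: nothing is executed
        return 0
    fi
    if command -v netscape >/dev/null 2>&1; then
        netscape --probe >/dev/null 2>&1 || true   # --probe is a placeholder argument
        echo yes
    else
        echo no
    fi
}

# Create a stub "netscape" under $1/bin that logs every execution.
make_stub() {
    mkdir -p "$1/bin"
    printf '#!/bin/sh\necho run >> "%s/executed.log"\n' "$1" > "$1/bin/netscape"
    chmod +x "$1/bin/netscape"
}

# Number of times the stub has been executed so far.
stub_runs() {
    if [ -f "$1/executed.log" ]; then
        wc -l < "$1/executed.log" | tr -d ' '
    else
        echo 0
    fi
}

# Probe with the stub first in PATH; $2 (optional) presets COM_netscape.
probe_in() {
    ( PATH="$1/bin:$PATH"; COM_netscape=${2:-}; probe_netscape )
}

# Demonstration on a throwaway directory (run counts are cumulative).
demo_dir=$(mktemp -d)
make_stub "$demo_dir"
echo "unset:  result=$(probe_in "$demo_dir")    stub runs so far=$(stub_runs "$demo_dir")"
echo "preset: result=$(probe_in "$demo_dir" no) stub runs so far=$(stub_runs "$demo_dir")"
rm -rf "$demo_dir"
```
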

------- Comment #2 From Martin von Gagern 2008-01-31 10:14:36 0000 -------
Still an issue in app-text/a2ps-4.13c-r6. The patch still applies and works.

------- Comment #3 From Ulrich Müller 2008-03-02 11:14:20 0000 -------
Is this still an issue in (upstream) a2ps-4.14?

------- Comment #4 From Martin von Gagern 2008-03-02 12:25:50 0000 -------
(In reply to comment #3)
> Is this still an issue in (upstream) a2ps-4.14?

Had some trouble locating the 4.14 sources, as the HOMEPAGE given in the
current ebuild doesn't list that release yet. Maybe
http://www.gnu.org/software/a2ps/ should become the official HOMEPAGE of a2ps.

Anyway, a grep for COM_netscape in the configure script tells me that this bug
here is still an issue with 4.14.

Due to patches that won't apply out of the box and other sandbox violations
that occur without these patches, I haven't managed to get a clean build of
4.14 here yet. Once you have an ebuild in portage, I'll test that, but I'm very
sure that the fix from comment #1 still solves the issue described here as well
as the one from bug 145048.

------- Comment #5 From Martin von Gagern 2008-04-07 17:03:03 0000 -------
Now that a2ps-4.14 has hit the tree, I actually had netscape start up while
emerging a2ps. So I can definitely confirm it's running "netscape" if that
binary is in the PATH. The patch still applies to the ebuild.

------- Comment #6 From Ulrich Müller 2008-04-08 06:26:29 0000 -------
(In reply to comment #0)
> The whole point of this check seems to provide a likely default
> configuration. I'm not sure whether this is a wanted feature on gentoo at
> all; I had supposed that the result of building a package should rely as
> little on the rest of the installed packages (and on what configure detects)
> as possible.

This is a valid argument; especially the build system should not depend on
third-party binaries being present or not in the system.

(In reply to comment #5)
> Now that a2ps-4.14 has hit the tree, I actually had netscape start up while
> emerging a2ps. So I can definitely confirm it's running "netscape" if that
> binary is in the PATH.

@printing: The fix of comment 1 looks sane to me, any reason why it cannot be
applied?

------- Comment #7 From Stefan Schweizer 2008-04-09 10:02:16 0000 -------
well, obviously no one has looked here yet. Go ahead and apply it..

------- Comment #8 From Ulrich Müller 2008-04-09 12:39:39 0000 -------
Fixed in 4.14. No revbump, since it is a build-time issue.

Thank you for reporting and for the bugfix.

------- Comment #9 From Ulrich Müller 2008-04-10 19:55:10 0000 -------
*** Bug 175846 has been marked as a duplicate of this bug. ***
