Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 806767 - sys-libs/libcap-2.52: sandbox violation with llvm-objcopy
Summary: sys-libs/libcap-2.52: sandbox violation with llvm-objcopy
Status: RESOLVED UPSTREAM
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo's Team for Core System packages
URL:
Whiteboard:
Keywords:
: 809857 (view as bug list)
Depends on:
Blocks:
 
Reported: 2021-08-06 07:42 UTC by 12101111
Modified: 2021-08-24 18:30 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
build.log (build.log,48.90 KB, text/x-log)
2021-08-06 07:44 UTC, 12101111 		Details
strace (objcopy.log,43.22 KB, text/x-log)
2021-08-06 07:46 UTC, 12101111 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description 12101111 2021-08-06 07:42:24 UTC 
llvm-objcopy try to create temp files to path like /dev/stdout.tmpc5a6b0c

Reproducible: Always

Steps to Reproduce:
Reproduce without this package:
1.echo "int main(int argc, char **argv) { return 0; }" > empty.c
2.clang -o empty empty.c
3.sandbox llvm-objcopy --dump-section .interp=/dev/stdout empty > loader.txt
4.Lots of `* ACCESS DENIED:  open_wr:      /dev/stdout.tmpc5a6b0c`

Actual Results:  
`llvm-objcopy --dump-section .interp=/dev/stdout empty` print `/lib/ld-musl-x86_64.so.1`
`llvm-objcopy --dump-section .interp=loader.txt empty` write `/lib/ld-musl-x86_64.so.1` into loader.txt
But `llvm-objcopy --dump-section .interp=/dev/stdout empty > loader.txt` output
`llvm-objcopy: error: 'empty': Permission denied`
Comment 1 12101111 2021-08-06 07:44:05 UTC 
Created attachment 730786 [details]
build.log
Comment 2 12101111 2021-08-06 07:46:17 UTC 
Created attachment 730789 [details]
strace
Comment 3 Andrew G. Morgan 2021-08-17 03:46:11 UTC 
I think this is fixed upstream in 2.53
Comment 4 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-08-17 04:05:04 UTC 
(In reply to Andrew G. Morgan from comment #3)
> I think this is fixed upstream in 2.53

Thanks!
Comment 5 Mike Gilbert gentoo-dev 2021-08-24 18:30:22 UTC 
*** Bug 809857 has been marked as a duplicate of this bug. ***