81693 – xmame 0.89 fails to emerge -- emerge fails because binary is setuid root

Bug 81693 - xmame 0.89 fails to emerge -- emerge fails because binary is setuid root

Summary: xmame 0.89 fails to emerge -- emerge fails because binary is setuid root

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] Games (show other bugs)
Hardware:	x86 Linux

Importance:	High normal (vote)
Assignee:	Gentoo Games

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2005-02-11 20:44 UTC by Stephen Bosch
Modified:	2005-02-12 12:37 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Stephen Bosch 2005-02-11 20:44:53 UTC

When I try to emerge xmame, it builds successfully but fails when it tries to merge the built binaries.



Reproducible: Always
Steps to Reproduce:
1. ACCEPT_KEYWORDS="~x86" emerge -v xmame
Actual Results:  
/usr/bin/install -d    -o root -g bin -m  755
/var/tmp/portage/xmame-0.89/image//usr/share/man/man6
/usr/bin/install -c    -o root -g bin -m  444 doc/xmame.6
/var/tmp/portage/xmame-0.89/image//usr/share/man/man6/xmame.6
xmame for linux-i386 installation completed
 * A game was detected that is setuid root!
 * /var/tmp/portage/xmame-0.89/image///usr/games/bin/xmame.svgalib

!!! ERROR: games-emulation/xmame-0.89 failed.
!!! Function prepgamesdirs, Line 115, Exitcode 0
!!! refusing to merge a setuid root game
!!! If you need support, post the topmost build error, NOT this status message.



Expected Results:  
None of the binaries created should be setuid 'root'.

The binary in question is xmame.svgalib. Here is 
/var/tmp/portage/xmame-0.89/image/usr/games/bin:

total 137096
 552321 lrwxrwxrwx    1 root     games           9 Feb 11 21:40 xmame -> xmame.x11
 552322 -r-xr-x---    1 root     games    46708716 Feb 11 21:40 xmame.SDL
 552323 -r-sr-x---    1 root     games    46707912 Feb 11 21:40 xmame.svgalib
 552324 -r-xr-x---    1 root     games    46803296 Feb 11 21:40 xmame.x11

Portage 2.0.51-r14 (default-linux/x86/2004.0, gcc-3.2.3, glibc-2.3.2-r3, 2.4.24
i686)
=================================================================
System uname: 2.4.24 i686 AMD Duron(tm)
Gentoo Base System version 1.4.3.10
Python:              dev-lang/python-2.2.3-r5,dev-lang/python-2.3.3 [2.3.3 (#1,
Jun  9 2004, 21:30:51)]
dev-lang/python:     2.2.3-r5, 2.3.3
sys-devel/autoconf:  2.58-r1
sys-devel/automake:  1.8.3
sys-devel/binutils:  2.14.90.0.6-r6
sys-devel/libtool:   1.4.3-r1
virtual/os-headers:  2.4.19-r1
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-O3 -march=i686 -funroll-loops -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config
/usr/kde/3.1/share/config /usr/kde/3/share/config /usr/lib/mozilla/defaults/pref
/usr/share/config /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/afs/C /etc/afs/afsws /etc/gconf /etc/env.d"
CXXFLAGS="-O3 -march=i686 -funroll-loops -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs autoconfig ccache distlocks sandbox sfperms"
GENTOO_MIRRORS="ftp://ibiblio.org/pub/Linux/distributions/gentoo/
http://csociety-ftp.ecn.purdue.edu/pub/gentoo/
ftp://csociety-ftp.ecn.purdue.edu/pub/gentoo/
ftp://mirror.iawnet.sandia.gov/pub/gentoo/"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="3dnow X aalib acpi afs alsa apm arts avi berkdb bidi bitmap-fonts cdr crypt
cups curl dvb dvd dvdr encode f77 fam flac font-server foomaticdb fortran gdbm
gif gpm gtk gtk2 imagemagick imap imlib ipv6 java jpeg kde ldap lib libg++
libwww mad mikmod mmx motif mozilla mpeg nas ncurses nls oggvorbis opengl oss
pam pda pdflib perl png ppds python qt quicktime readline samba sdl slang spell
ssl svga tcltk tiff truetype truetype-fonts type1-fonts unicode usb videos wmf
www x86 xinerama xml xml2 xmms xv zlib video_cards_radeon"
Unset:  LDFLAGS, PORTDIR_OVERLAY

Comment 1 Chris Gianelloni (RETIRED) gentoo-dev

2005-02-11 21:10:04 UTC

Just curious... what if you try FEATURES="-sfperms" emerge xmame?

Comment 2 Stephen Bosch 2005-02-12 11:01:45 UTC

No dice, same result:

/usr/bin/install -d    -o root -g bin -m  755 /var/tmp/portage/xmame-0.89/image//usr/share/man/man6
/usr/bin/install -c    -o root -g bin -m  444 doc/xmame.6 /var/tmp/portage/xmame-0.89/image//usr/share/man/man6/xmame.6
xmame for linux-i386 installation completed
 * A game was detected that is setuid root!
 * /var/tmp/portage/xmame-0.89/image///usr/games/bin/xmame.svgalib

!!! ERROR: games-emulation/xmame-0.89 failed.
!!! Function prepgamesdirs, Line 115, Exitcode 0
!!! refusing to merge a setuid root game
!!! If you need support, post the topmost build error, NOT this status message.

Comment 3 SpanKY gentoo-dev

2005-02-12 11:19:56 UTC

with svgalib-0.9.x, we shouldnt need the binaries setuid root since the newer svgalib comes with a helper module specifically to allow non-root users access to the svga driver ... from the svga README:

Program using svgalib 1.9.0 or later don't need root provoleges (suid
root). They do need access to /dev/svga, which is a char device
with major 209 and minor 0.
The module svgalib_helper need also be inserted.

sfperms has nothing to do with this error, this is a sanity check i added to our games.eclass

Comment 4 Mr. Bones. (RETIRED) gentoo-dev

2005-02-12 12:37:12 UTC

fixed in cvs.