Bug 688164

Summary:	app-portage/unsymlink-lib: running migrate while under umask 077 breaks system for non root users.
Product:	Gentoo Linux	Reporter:	Piotr Karbowski (RETIRED) <slashbeast>
Component:	Stabilization	Assignee:	Michał Górny <mgorny>
Status:	RESOLVED FIXED
Severity:	normal	Keywords:	STABLEREQ
Priority:	Normal	Flags:	stable-bot: sanity-check+
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:	app-portage/unsymlink-lib-16	Runtime testing required:	Yes
Bug Depends on:
Bug Blocks:	506276

Description Piotr Karbowski (RETIRED) gentoo-dev

2019-06-16 15:17:19 UTC

Seems like running `unsymlink-lib --migrate` while under 077 umask leaves the system broken for non-root users due to path traversal issues caused by non-world readable directories.

Running rollback, changing umask to 022 and re-running --migrate works.

Perhaps the tool should set umask 022 for it's own process tree.

Comment 1 Larry the Git Cow gentoo-dev

2019-06-16 17:35:14 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fbd444389acc5883d05d6afad19f9ace19a365eb

commit fbd444389acc5883d05d6afad19f9ace19a365eb
Author:     Michał Górny <mgorny@gentoo.org>
AuthorDate: 2019-06-16 17:34:37 +0000
Commit:     Michał Górny <mgorny@gentoo.org>
CommitDate: 2019-06-16 17:35:03 +0000

    app-portage/unsymlink-lib: Bump to v16
    
    Bump to version 16.  Fixes wrong umask.
    
    Bug: https://bugs.gentoo.org/688164
    Signed-off-by: Michał Górny <mgorny@gentoo.org>

 app-portage/unsymlink-lib/Manifest                |  1 +
 app-portage/unsymlink-lib/unsymlink-lib-16.ebuild | 30 +++++++++++++++++++++++
 2 files changed, 31 insertions(+)

Comment 2 Michał Górny archtester

2019-06-16 17:35:52 UTC

Fix released as v16.  Since this is a major issue, please test and stabilize.

Comment 3 Mikle Kolyada (RETIRED) archtester

2019-06-20 09:00:51 UTC

amd64 stable