Received: from cloud04.net4visions.de (cloud04.net4visions.de [138.201.116.1])
	by nld3-dev1.alpinelinux.org (Postfix) with ESMTPS id D40CD781172
	for <~alpine/devel@lists.alpinelinux.org>; Tue, 21 Jun 2022 08:43:43 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tower-net.de; h=
	content-transfer-encoding:content-type:content-type:message-id
	:references:in-reply-to:subject:subject:from:from:date:date
	:mime-version; s=20201123; t=1655801018; bh=Fvs4bIy9Gj/jWKx6EsMP
	bDgLfQ2kt+X2fGgtyAnSNIo=; b=Ih2agHeb6NmGTmmNhkDgOigaw3teAZyUwmHi
	Fwi/a5MHQH9IbjeJVUGerMOlK5tA9VD6AgCH0vGz+51UuGnfqhWxZHVgADqXZVym
	60zLPGl0TIwCVg5jqxmYhprz15b2dxDY3+VgmcjTMtc32HnMbQEJSHwgQ0R5BQlf
	AZ7JSGxaZeGbnY7w4WCBtKLWLrNMWh8FnbZ1nC64rVYmwhdxHyQFTZ2SsmELjTq8
	NzrVrvSsQdQjiRStLvAfhVSnBHqdnbk+A7TJhqTk5asn2ks8XTH/+ir5/FgVSScJ
	LCQIghxmI2dVyminlIgYvqgRNISpnnwYJhxWVpLQxclSthLNGZjzJnfj1DlHeCPu
	Q0mWfpHDQTuUxHCAgFMDHTK7XE/5U6n5Cn90Vr5BkeoaOqenQmXCa5VFVkYQfSei
	9FMqDbjFK1f8O6Twv9ptnUIuaLBQz9TizkwP/RGwceVd3mbMm8007zOvBHtd5bhP
	FHqKetJaibISRAwYC4BGy7z9yRCQ
MIME-Version: 1.0
Date: Tue, 21 Jun 2022 10:43:37 +0200
From: Markus Kolb <alpinelinux+develml@tower-net.de>
To: Jakub Jirutka <jakub@jirutka.cz>
Cc: Konstantin Kulikov <k.kulikov2@gmail.com>, Alpine Linux devel ML
 <~alpine/devel@lists.alpinelinux.org>
Subject: Re: Security problem in how you manage users in package installations
In-Reply-To: <0ac71bc3-3b4b-a709-96b9-83f40c0c57ab@jirutka.cz>
References: <22948c2fba2f4882ac4646501fd6ef3f@tower-net.de>
 <CAD+eXGR0gJH5UbrgE=5qvXaNgsRD+17tueooGdSY1NKPLcVrKw@mail.gmail.com>
 <49d7456930f237457bf7f3f5c50f96e4@tower-net.de>
 <CAD+eXGQuATq8yW=LqSoyj04B=-egzfna_R6+9mOXXiiu+owq_A@mail.gmail.com>
 <0ac71bc3-3b4b-a709-96b9-83f40c0c57ab@jirutka.cz>
Message-ID: <410fabb4f80a07b9dc91fd67494c23a1@tower-net.de>
X-Sender: alpinelinux+develml@tower-net.de
Content-Type: text/plain; charset=US-ASCII;
 format=flowed
Content-Transfer-Encoding: 7bit

Am 19.06.2022 18:54, schrieb Jakub Jirutka:
> Hi,
> 
>> I don't agree that admin should be required to manually create 
>> directories with correct permissions.
> 
> Me neither.
> 

Never requested anything like this...

But rc-scripts shouldn't overwrite permissions in an unsafe manner, and 
this can only be achieved if they don't modify clandestinely 
permissions.
The directories have to be created with correctly set permissions during 
package installation.
You can inform the admin during startup that there is something wrong, 
and the service can not start because of this, which is also expressed 
by the function name "check...". It doesn't say fix, modify, repair or 
anything else explaining that this is a mutable process.