Just to make life a little bit more difficult for canned exploits on a
web server, I've tried to eliminate directories where daemon users have
both write and exec ability. In particular, /tmp is mounted noexec.
That, however, makes preconfiguring packages unhappy:
Preconfiguring packages ...
Can't exec "/tmp/libc6.config.32281": Permission denied at /usr/share/perl/5.8/IPC/Open3.pm line 168.
open2: exec of /tmp/libc6.config.32281 configure 2.7-6 failed at /usr/share/perl5/Debconf/ConfModule.pm line 59
libc6 failed to preconfigure, with exit status 9
Can't exec "/tmp/libssl0.9.8.config.32283": Permission denied at /usr/share/perl/5.8/IPC/Open3.pm line 168.
open2: exec of /tmp/libssl0.9.8.config.32283 configure 0.9.8g-4 failed at /usr/share/perl5/Debconf/ConfModule.pm line 59
libssl0.9.8 failed to preconfigure, with exit status 9
Can't exec "/tmp/tasksel.config.32285": Permission denied at /usr/share/perl/5.8/IPC/Open3.pm line 168.
open2: exec of /tmp/tasksel.config.32285 configure 2.71 failed at /usr/share/perl5/Debconf/ConfModule.pm line 59
tasksel failed to preconfigure, with exit status 9
Can't exec "/tmp/locales.config.32287": Permission denied at /usr/share/perl/5.8/IPC/Open3.pm line 168.
open2: exec of /tmp/locales.config.32287 configure 2.7-7 failed at /usr/share/perl5/Debconf/ConfModule.pm line 59
locales failed to preconfigure, with exit status 9
Can't exec "/tmp/openssh-server.config.32289": Permission denied at /usr/share/perl/5.8/IPC/Open3.pm line 168.
open2: exec of /tmp/openssh-server.config.32289 configure 1:4.7p1-3 failed at /usr/share/perl5/Debconf/ConfModule.pm line 59
openssh-server failed to preconfigure, with exit status 9
Can't exec "/tmp/ca-certificates.config.322811": Permission denied at /usr/share/perl/5.8/IPC/Open3.pm line 168.
open2: exec of /tmp/ca-certificates.config.322811 configure 20070303 failed at /usr/share/perl5/Debconf/ConfModule.pm line 59
ca-certificates failed to preconfigure, with exit status 9
Can't exec "/tmp/hddtemp.config.32591": Permission denied at /usr/share/perl/5.8/IPC/Open3.pm line 168.
open2: exec of /tmp/hddtemp.config.32591 configure 0.3-beta15-38 failed at /usr/share/perl5/Debconf/ConfModule.pm line 59
hddtemp failed to preconfigure, with exit status 9
To debconf's credit, it survives and configures later, so it's mostly
just ugly.
Possible solutions:
- Just disable preconfiguration if /tmp is noexec
(Downside: preconfiguration reduces server down-time when upgrading services.)
- Use a subdirectry of /var/lib/dpkg
(Downside: need to clean up aborted installs manually.)
- Parse #! line manually
(Downside: the famous security race condition.)
Package: debconf
Version: 1.5.19
Just a "me, too" note to keep the bug fresh.
Just to make life a little bit more difficult for canned exploits on a
web server, I've tried to eliminate directories where daemon users have
both write and exec ability. In particular, /tmp is mounted noexec.
That, however, makes preconfiguring packages unhappy:
Preconfiguring packages ... config. 32281": Permission denied at /usr/share/ perl/5. 8/IPC/Open3. pm line 168. config. 32281 configure 2.7-6 failed at /usr/share/ perl5/Debconf/ ConfModule. pm line 59 9.8.config. 32283": Permission denied at /usr/share/ perl/5. 8/IPC/Open3. pm line 168. 9.8.config. 32283 configure 0.9.8g-4 failed at /usr/share/ perl5/Debconf/ ConfModule. pm line 59 config. 32285": Permission denied at /usr/share/ perl/5. 8/IPC/Open3. pm line 168. config. 32285 configure 2.71 failed at /usr/share/ perl5/Debconf/ ConfModule. pm line 59 config. 32287": Permission denied at /usr/share/ perl/5. 8/IPC/Open3. pm line 168. config. 32287 configure 2.7-7 failed at /usr/share/ perl5/Debconf/ ConfModule. pm line 59 server. config. 32289": Permission denied at /usr/share/ perl/5. 8/IPC/Open3. pm line 168. server. config. 32289 configure 1:4.7p1-3 failed at /usr/share/ perl5/Debconf/ ConfModule. pm line 59 certificates. config. 322811" : Permission denied at /usr/share/ perl/5. 8/IPC/Open3. pm line 168. certificates. config. 322811 configure 20070303 failed at /usr/share/ perl5/Debconf/ ConfModule. pm line 59 config. 32591": Permission denied at /usr/share/ perl/5. 8/IPC/Open3. pm line 168. config. 32591 configure 0.3-beta15-38 failed at /usr/share/ perl5/Debconf/ ConfModule. pm line 59
Can't exec "/tmp/libc6.
open2: exec of /tmp/libc6.
libc6 failed to preconfigure, with exit status 9
Can't exec "/tmp/libssl0.
open2: exec of /tmp/libssl0.
libssl0.9.8 failed to preconfigure, with exit status 9
Can't exec "/tmp/tasksel.
open2: exec of /tmp/tasksel.
tasksel failed to preconfigure, with exit status 9
Can't exec "/tmp/locales.
open2: exec of /tmp/locales.
locales failed to preconfigure, with exit status 9
Can't exec "/tmp/openssh-
open2: exec of /tmp/openssh-
openssh-server failed to preconfigure, with exit status 9
Can't exec "/tmp/ca-
open2: exec of /tmp/ca-
ca-certificates failed to preconfigure, with exit status 9
Can't exec "/tmp/hddtemp.
open2: exec of /tmp/hddtemp.
hddtemp failed to preconfigure, with exit status 9
To debconf's credit, it survives and configures later, so it's mostly
just ugly.
Possible solutions:
- Just disable preconfiguration if /tmp is noexec
(Downside: preconfiguration reduces server down-time when upgrading services.)
- Use a subdirectry of /var/lib/dpkg
(Downside: need to clean up aborted installs manually.)
- Parse #! line manually
(Downside: the famous security race condition.)