all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
From: Bengt Richter <bokr@bokr.com>
To: Maxime Devos <maximedevos@telenet.be>
Cc: guix-devel@gnu.org
Subject: Re: TOCTTOU race (was: Potential security weakness in Guix services)
Date: Sun, 14 Feb 2021 18:19:05 +0100	[thread overview]
Message-ID: <20210214171905.GA2887@LionPure> (raw)
In-Reply-To: <53c60ce40d68cfc93a9ea2c4a8f865026e12c889.camel@telenet.be>

Hi,

On +2021-02-14 13:29:29 +0100, Maxime Devos wrote:
> On Sat, 2021-02-06 at 22:26 +0100, Ludovic Courtès wrote:
> > 
> > [...]
> > I understand the TOCTTOU race.  However, activation code runs in two
> > situations: when booting the system (before shepherd takes over), and 
> > upon ‘guix system reconfigure’ completion.
> >

Until we have a guix jargon file and a
    guix gloss SEARCHARGS ...
convenience command, it is nice towards noobs to spell out
an abbreviation or acronym on first use ;-)

--8<---------------cut here---------------start------------->8---
Time-of-check to time-of-use

   From Wikipedia, the free encyclopedia
     (Redirected from TOCTTOU)
   Jump to navigation Jump to search

   In software development, time-of-check to time-of-use (TOCTOU, TOCTTOU
   or TOC/TOU) is a class of software bugs caused by a race condition
   involving the checking of the state of a part of a system (such as a
   security credential) and the use of the results of that check.

   TOCTOU race conditions are common in Unix between operations on the
   file system,^[1] but can occur in other contexts, including local
   sockets and improper use of database transactions. In the early 1990s,
   the mail utility of BSD 4.3 UNIX had an exploitable race condition for
   temporary files because it used the mktemp()^[2] function.^[3] Early
   versions of OpenSSH had an exploitable race condition for Unix domain
   sockets.^[4] They remain a problem in modern systems; as of 2019, a
   TOCTOU race condition in Docker allows root access to the filesystem of
   the host platform.^[5]
   [ ]
--8<---------------cut here---------------end--------------->8---

[...snip...]
-- 
Regards,
Bengt Richter


  reply	other threads:[~2021-02-14 17:19 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-01-28 21:53 Potential security weakness in Guix services Leo Famulari
2021-01-29 13:33 ` Maxime Devos
2021-01-29 15:25   ` Maxime Devos
2021-02-01 15:35 ` Ludovic Courtès
2021-02-01 15:47   ` Julien Lepiller
2021-02-01 16:19     ` Maxime Devos
2021-02-02 13:07       ` Ludovic Courtès
2021-02-02 13:38         ` Maxime Devos
2021-02-02 15:30           ` Maxime Devos
2021-02-05  9:57           ` Ludovic Courtès
2021-02-05 12:20             ` Maxime Devos
2021-02-05 14:16               ` Maxime Devos
2021-02-06 21:28                 ` Ludovic Courtès
2021-02-06 22:01                   ` Maxime Devos
2021-02-10 20:45                     ` Ludovic Courtès
2021-02-06 21:26               ` Ludovic Courtès
2021-02-14 12:29                 ` TOCTTOU race (was: Potential security weakness in Guix services) Maxime Devos
2021-02-14 17:19                   ` Bengt Richter [this message]
2021-02-18 17:54                   ` TOCTTOU race Ludovic Courtès
2021-02-19 18:01                     ` Maxime Devos
2021-02-22  8:54                       ` Ludovic Courtès
2021-02-22 19:13                         ` Maxime Devos
2021-02-23 15:30                           ` Ludovic Courtès
2021-02-27  7:41                             ` Maxime Devos
2021-03-10 10:07                               ` Ludovic Courtès
2021-02-10 20:54             ` Potential security weakness in Guix services Christopher Lemmer Webber

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210214171905.GA2887@LionPure \
    --to=bokr@bokr.com \
    --cc=guix-devel@gnu.org \
    --cc=maximedevos@telenet.be \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.