summary refs log tree commit diff
path: root/gnu/build/activation.scm
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2017-10-08 21:25:32 +0200
committerLudovic Courtès <ludo@gnu.org>2017-10-08 21:27:48 +0200
commit5e66574a128937e7f2fcf146d146225703ccfd5d (patch)
tree6ff5431d78002db400864a2f7acbad6d57876e52 /gnu/build/activation.scm
parentd265169b364ebf38b616c19a97fd8448f8a31273 (diff)
downloadguix-5e66574a128937e7f2fcf146d146225703ccfd5d.tar.gz
activation: Do not create setuid binaries in the store [security fix].
Fixes <https://bugs.gnu.org/28751>.

* gnu/build/activation.scm (activate-setuid-programs)[link-or-copy]: Remove.
Use 'copy-file' instead.
Diffstat (limited to 'gnu/build/activation.scm')
-rw-r--r--gnu/build/activation.scm13
1 files changed, 1 insertions, 12 deletions
diff --git a/gnu/build/activation.scm b/gnu/build/activation.scm
index 9c58370ec3..6c0d603ddf 100644
--- a/gnu/build/activation.scm
+++ b/gnu/build/activation.scm
@@ -353,24 +353,13 @@ they already exist."
   ;; Place where setuid programs are stored.
   "/run/setuid-programs")
 
-(define (link-or-copy source target)
-  "Attempt to make TARGET a hard link to SOURCE; if it fails, fall back to
-copy SOURCE to TARGET."
-  (catch 'system-error
-    (lambda ()
-      (link source target))
-    (lambda args
-      ;; Perhaps SOURCE and TARGET live in a different file system, so copy
-      ;; SOURCE.
-      (copy-file source target))))
-
 (define (activate-setuid-programs programs)
   "Turn PROGRAMS, a list of file names, into setuid programs stored under
 %SETUID-DIRECTORY."
   (define (make-setuid-program prog)
     (let ((target (string-append %setuid-directory
                                  "/" (basename prog))))
-      (link-or-copy prog target)
+      (copy-file prog target)
       (chown target 0 0)
       (chmod target #o6555)))