[Installer] Extra unprivileged “root” account added

  • Done
  • quality assurance status badge
Details
3 participants
  • bokr
  • Ludovic Courtès
  • Tobias Geerinckx-Rice
Owner
unassigned
Submitted by
Ludovic Courtès
Severity
important
L
L
Ludovic Courtès wrote on 11 May 2022 11:36
(address . bug-guix@gnu.org)
87ee10o1g1.fsf@inria.fr
The installer built from:

Toggle snippet (7 lines)
Generation 214 May 02 2022 21:44:14 (current)
guix 6b588da
repository URL: https://git.savannah.gnu.org/git/guix.git
branch: master
commit: 6b588da368c77cde82ea2f22ca315116228777ad

… adds an unprivileged “root” account to the ‘users’ section of the OS
config.

Ludo’.
L
L
Ludovic Courtès wrote on 11 May 2022 15:42
control message for bug #55361
(address . control@debbugs.gnu.org)
87czgknq26.fsf@gnu.org
severity 55361 important
quit
L
L
Ludovic Courtès wrote on 11 May 2022 15:42
control message for bug #53214
(address . control@debbugs.gnu.org)
87bkw4nq1v.fsf@gnu.org
block 53214 by 55361
quit
L
L
Ludovic Courtès wrote on 21 May 2022 00:19
Re: bug#55361: [Installer] Extra unprivileged “roo t” account added
(address . 55361-done@debbugs.gnu.org)(name . Mathieu Othacehe)(address . othacehe@gnu.org)
87h75jvodh.fsf@gnu.org
Ludovic Courtès <ludo@gnu.org> skribis:

Toggle quote (11 lines)
> The installer built from:
>
> Generation 214 May 02 2022 21:44:14 (current)
> guix 6b588da
> repository URL: https://git.savannah.gnu.org/git/guix.git
> branch: master
> commit: 6b588da368c77cde82ea2f22ca315116228777ad
>
> … adds an unprivileged “root” account to the ‘users’ section of the OS
> config.

Fixed in 48c748226e2a94d2dec9bfdf84601455f00d6f5e, which reverts
c2125e59d0774cda3e559adeb056459a5f23586b.

Ludo’.
Closed
B
Re: bug#55361: [Installer] Extra unprivileged “root” account added
20220521125434.GA2334@LionPure
Hello,

On +2022-05-21 00:19:06 +0200, Ludovic Courtès wrote:
Toggle quote (20 lines)
> Ludovic Courtès <ludo@gnu.org> skribis:
>
> > The installer built from:
> >
> > Generation 214 May 02 2022 21:44:14 (current)
> > guix 6b588da
> > repository URL: https://git.savannah.gnu.org/git/guix.git
> > branch: master
> > commit: 6b588da368c77cde82ea2f22ca315116228777ad
> >
> > … adds an unprivileged “root” account to the ‘users’ section of the OS
> > config.
>
> Fixed in 48c748226e2a94d2dec9bfdf84601455f00d6f5e, which reverts
> c2125e59d0774cda3e559adeb056459a5f23586b.
>
> Ludo’.
>
>
>
Toggle snippet (8 lines)
commit c2125e59d0774cda3e559adeb056459a5f23586b
Author: Mathieu Othacehe <othacehe@gnu.org>
Date: Mon Apr 4 16:38:09 2022 +0200

installer: user: Remove useless filtering.


Toggle snippet (11 lines)
commit 48c748226e2a94d2dec9bfdf84601455f00d6f5e
Author: Ludovic Courtès <ludo@gnu.org>
Date: Fri May 20 20:41:02 2022 +0200

Revert "installer: user: Remove useless filtering."
This reverts commit c2125e59d0774cda3e559adeb056459a5f23586b.
Fixes <https://issues.guix.gnu.org/55361>.

Assuming my date-diff hack worked:
Toggle snippet (4 lines)
~/wb/guix]$ date-diff '2022-04-04 16:38:09' '2022-05-20 20:41:02'
46days 4hrs 2min 53sec

Is this like coming home from 46day vacation and noticing
that, oops, someone left the kitchen door open,
and hoping no ++ungoodniks noticed? Or meh?

Is. or should there be, a required signoff on an
exploitability assessment in the commit, when it
has that scent? (e.g. anything possibly opening
a door to root privilges).

Personally, I am happy to see "fixed," but I would be happier
seeing a signed exploitability assessment, esp if by someone
concentrating on that aspect of things.

Thoughts?

--
Regards,
Bengt Richter
T
T
Tobias Geerinckx-Rice wrote on 21 May 2022 15:34
Re: bug#55361: [Installer] Extra unprivilege d “root” account added
(address . bokr@bokr.com)
7245779f538e8f9ac6a19f5cc3efbe03@tobias.gr
Hi bokr,

What makes this commit special? If there's a security aspect here, what
is it?

Toggle quote (4 lines)
> Personally, I am happy to see "fixed," but I would be happier
> seeing a signed exploitability assessment, esp if by someone
> concentrating on that aspect of things.

I don't think anyone is going to volunteer for that honour, unless you
are :-)

Kind regards,

T G-R

Sent from a Web browser. Excuse or enjoy my brevity.
L
L
Ludovic Courtès wrote on 21 May 2022 18:51
Re: bug#55361: [Installer] Extra unprivileged “roo t” account added
(address . bokr@bokr.com)(address . 55361@debbugs.gnu.org)
875ylyu8vq.fsf@gnu.org
Hi,

bokr@bokr.com skribis:

Toggle quote (9 lines)
> Assuming my date-diff hack worked:
>
> ~/wb/guix]$ date-diff '2022-04-04 16:38:09' '2022-05-20 20:41:02'
> 46days 4hrs 2min 53sec
>
> Is this like coming home from 46day vacation and noticing
> that, oops, someone left the kitchen door open,
> and hoping no ++ungoodniks noticed? Or meh?

Heh. It was a minor annoyance: the generated OS config would have an
unnecessary “root” user account (unnecessary because it’s included by
default), which ‘guix system init’ would warn about and ignore, and the
end result is unchanged.

IWBN to augment the installation tests with a check for that, but that’s
tricky. But like Tobias wrote, contributions are welcome. :-)

Thanks,
Ludo’.
?