guix/gnu/services
Maxime Devos 520bac7ed0
services: Prevent following symlinks during activation.
This addresses a potential security issue, where a compromised
service could trick the activation code into changing the permissions,
owner and group of arbitrary files.  However, this patch is
currently only a partial fix, due to a TOCTTOU (time-of-check to
time-of-use) race, which can be fixed once Guile has bindings
to openat and friends.

Fixes: <https://lists.gnu.org/archive/html/guix-devel/2021-01/msg00388.html>

* gnu/build/activation.scm: new procedure 'mkdir-p/perms'.
* gnu/services/authentication.scm
  (%nslcd-activation, nslcd-service-type): use new procedure.
* gnu/services/cups.scm (%cups-activation): likewise.
* gnu/services/dbus.scm (dbus-activation): likewise.
* gnu/services/dns.scm (knot-activation): likewise.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-10 18:01:47 +01:00
admin.scm
audio.scm
auditd.scm
authentication.scm services: Prevent following symlinks during activation. 2021-03-10 18:01:47 +01:00
avahi.scm
base.scm
certbot.scm
cgit.scm
configuration.scm
cuirass.scm services: cuirass: Remove simple cuirass configuration. 2021-03-10 09:05:02 +01:00
cups.scm services: Prevent following symlinks during activation. 2021-03-10 18:01:47 +01:00
databases.scm services: postgresql-roles: Fix race condition. 2021-02-23 11:00:18 +01:00
dbus.scm services: Prevent following symlinks during activation. 2021-03-10 18:01:47 +01:00
desktop.scm
dict.scm
dns.scm services: Prevent following symlinks during activation. 2021-03-10 18:01:47 +01:00
docker.scm
file-sharing.scm
games.scm
ganeti.scm
getmail.scm
guix.scm services: guix-build-coordinator: Add dynamic auth with file record. 2021-03-05 09:29:58 +00:00
herd.scm
hurd.scm
kerberos.scm
linux.scm
lirc.scm
mail.scm
mcron.scm
messaging.scm
monitoring.scm
networking.scm services: tor: Add control-socket? option. 2021-02-22 10:03:02 -05:00
nfs.scm
nix.scm
pam-mount.scm
pm.scm
rsync.scm
science.scm
sddm.scm
security-token.scm
shepherd.scm services: shepherd: Make 'assert-valid-graph' public. 2021-03-03 14:19:26 +01:00
sound.scm
spice.scm
ssh.scm
syncthing.scm
sysctl.scm
telephony.scm
version-control.scm
virtualization.scm
vpn.scm
web.scm
xorg.scm