Report forwarded to debian-bugs-dist@lists.debian.org, Tommi Virtanen <tv@debian.org>:
Bug#56833; Package pgp5i.   debian-bugs-dist@lists.debian.orgTommi Virtanen  Subject: Bug#56833: PGP5i has temp-file problems Reply-To: Guido Witmond , 56833@bugs.debian.org Resent-From: Guido Witmond Resent-To: debian-bugs-dist@lists.debian.org Resent-CC: Tommi Virtanen Resent-Date: Tue, 01 Feb 2000 23:03:22 GMT Resent-Message-ID: Resent-Sender: owner@bugs.debian.org X-Debian-PR-Message: report 56833 X-Debian-PR-Package: pgp5i X-Debian-PR-Keywords: X-Loop: owner@bugs.debian.org Received: via spool by bugs@bugs.debian.org id=B.9494438136756 (code B ref -1); Tue, 01 Feb 2000 23:03:22 GMT Date: Wed, 2 Feb 2000 01:32:12 +0100 From: Guido Witmond To: submit@bugs.debian.org Message-ID: <20000202013212.A818@dataweb.nl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii User-Agent: Mutt/1.0.1i Package: pgp5i Version 5.0-3 Severity: normal The pgpk program creates a temporary file with the name ~/.pgp/pubring.pg0 when operating on the public key ring. The problems encountered: 1) it ignores any files and symlimks and happily overwrites any file with this name. Potential damage: any file that can be access by the user can be corrupted. 2) it does not lock the temp file for concurrent access, leading to race conditions during later filename shuffling. It might lead to loss of service or (speculating) corruption of the public keyring. A busy server and many processess accessing the keyfile might raise the chance of this above 'neglectable'. Ad 1) this guido 23:45 ~/.pgp > date > t this guido 23:46 ~/.pgp > ln -s t pubring.pg0 this guido 23:46 ~/.pgp > ls -l total 427 -rw-r--r-- 1 guido users 51 Apr 28 1996 config.txt -rw-r--r-- 1 guido users 51 Feb 1 22:18 pgp.cfg -rw------- 1 guido users 139817 Feb 1 23:26 pubring.bak lrwxrwxrwx 1 guido users 1 Feb 1 23:46 pubring.pg0 -> t -rw------- 1 guido users 141164 Feb 24 1999 pubring.pgp -rw------- 1 guido users 139817 Feb 1 23:45 pubring.pkr -rw------- 1 guido users 512 Feb 1 23:45 randseed.bin -rw------- 1 guido users 1061 Apr 4 1997 secring.SAVE -rw------- 1 guido users 1113 Feb 1 22:18 secring.bak -rw------- 1 guido users 1113 Jan 14 1999 secring.pgp -rw------- 1 guido users 1113 Feb 1 22:26 secring.skr -rw-r--r-- 1 guido users 29 Feb 1 23:46 t this guido 23:46 ~/.pgp > cat t Tue Feb 1 23:46:14 CET 2000 this guido 23:46 ~/.pgp > pgpk -xa witmond -o witm.asc this guido 23:46 ~/.pgp > ls -l total 568 -rw-r--r-- 1 guido users 51 Apr 28 1996 config.txt -rw-r--r-- 1 guido users 51 Feb 1 22:18 pgp.cfg -rw------- 1 guido users 139817 Feb 1 23:45 pubring.bak -rw------- 1 guido users 141164 Feb 24 1999 pubring.pgp -rw------- 1 guido users 139817 Feb 1 23:46 pubring.pkr -rw------- 1 guido users 512 Feb 1 23:46 randseed.bin -rw------- 1 guido users 1061 Apr 4 1997 secring.SAVE -rw------- 1 guido users 1113 Feb 1 22:18 secring.bak -rw------- 1 guido users 1113 Jan 14 1999 secring.pgp -rw------- 1 guido users 1113 Feb 1 22:26 secring.skr -rw-r--r-- 1 guido users 139817 Feb 1 23:46 t -rw------- 1 guido users 3236 Feb 1 23:46 witm.asc this guido 23:47 ~/.pgp > cmp t pubring.pkr this guido 23:47 ~/.pgp > Ad 2) $ strace pgpk -xa witmond -o witmond.asc [tracing until after this point] open("/home/guido/.pgp/pubring.pg0", O_RDWR|O_CREAT|O_TRUNC, 0666) = 6 and while copying the entire .pkr into .pg0 a second instance of pgpk also execute this open statement above, thereby truncating the work of the first process. The first process will do a: rmdir("/home/guido/.pgp/pubring.bak") = -1 ENOTDIR (Not a directory) unlink("/home/guido/.pgp/pubring.bak") = 0 rename("/home/guido/.pgp/pubring.pkr", "/home/guido/.pgp/pubring.bak") = 0 umask(077) = 022 open("/home/guido/.pgp/pubring.pkr", O_RDWR|O_CREAT|O_TRUNC, 0666) = 5 But as part of the .pg0 file is zeroed by the second process it will lead to: close(5) = 0 munmap(0x40015000, 4096) = 0 rmdir("/home/guido/.pgp/pubring.bak") = -1 ENOTDIR (Not a directory) unlink("/home/guido/.pgp/pubring.bak") = 0 rename("/home/guido/.pgp/pubring.pkr", "/home/guido/.pgp/pubring.bak") = 0 umask(077) = 022 open("/home/guido/.pgp/pubring.pkr", O_RDWR|O_CREAT|O_TRUNC, 0666) = 5 and later on it will detect it somehow: read(6, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096) = 409 6 write(2, "ASSERTION FAILED at pgpFileDB.c "..., 66ASSERTION FAILED at pgpFileDB. c line 129: (rdb->rfile) not true ) = 66 close(6) = 0 munmap(0x40016000, 4096) = 0 rmdir("/home/guido/.pgp/pubring.pg0") = -1 ENOTDIR (Not a directory) unlink("/home/guido/.pgp/pubring.pg0") = 0 close(5) = 0 munmap(0x40015000, 4096) = 0 close(4) = 0 munmap(0x40014000, 4096) = 0 write(2, "Unable to open keyring: ", 25Unable to open keyring: ) = 25 write(2, "Bad data found where key\n", 25Bad data found where key ) = 25 Although it has restored the public key ring it has not performed the requested key export operation. Why it needs to copy my keyring twice just to _export_ a key puzzles me. As the fact that is reads the secring.skr file and updates the randseed.bin. Kind regards, Guido Witmond. (guido@debian.org)   Acknowledgement sent to Guido Witmond <guido@dataweb.nl>:
New Bug report received and forwarded. Copy sent to Tommi Virtanen <tv@debian.org>.   -t  From: owner@bugs.debian.org (Debian Bug Tracking System) To: Guido Witmond Subject: Bug#56833: Acknowledgement (PGP5i has temp-file problems) Message-ID: In-Reply-To: <20000202013212.A818@dataweb.nl> References: <20000202013212.A818@dataweb.nl> X-Debian-PR-Message: ack 56833 Thank you for the problem report you have sent regarding Debian. This is an automatically generated reply, to let you know your message has been received. It is being forwarded to the developers mailing list for their attention; they will reply in due course. Your message has been sent to the package maintainer(s): Tommi Virtanen If you wish to submit further information on your problem, please send it to 56833@bugs.debian.org (and *not* to bugs@bugs.debian.org). Please do not reply to the address at the top of this message, unless you wish to report a problem with the Bug-tracking system. Darren Benham (administrator, Debian Bugs database)   Received: (at submit) by bugs.debian.org; 1 Feb 2000 22:23:33 +0000 Received: (qmail 6686 invoked from network); 1 Feb 2000 22:23:28 -0000 Received: from noordeinde-39.denhaag.dataweb.nl (HELO this.is.my.net) (postfix@193.78.237.158) by master.debian.org with SMTP; 1 Feb 2000 22:23:28 -0000 Received: by this.is.my.net (Postfix, from userid 1000) id 36DDCC38DD; Wed, 2 Feb 2000 01:32:13 +0100 (CET) Date: Wed, 2 Feb 2000 01:32:12 +0100 From: Guido Witmond To: submit@bugs.debian.org Subject: PGP5i has temp-file problems Message-ID: <20000202013212.A818@dataweb.nl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii User-Agent: Mutt/1.0.1i Package: pgp5i Version 5.0-3 Severity: normal The pgpk program creates a temporary file with the name ~/.pgp/pubring.pg0 when operating on the public key ring. The problems encountered: 1) it ignores any files and symlimks and happily overwrites any file with this name. Potential damage: any file that can be access by the user can be corrupted. 2) it does not lock the temp file for concurrent access, leading to race conditions during later filename shuffling. It might lead to loss of service or (speculating) corruption of the public keyring. A busy server and many processess accessing the keyfile might raise the chance of this above 'neglectable'. Ad 1) this guido 23:45 ~/.pgp > date > t this guido 23:46 ~/.pgp > ln -s t pubring.pg0 this guido 23:46 ~/.pgp > ls -l total 427 -rw-r--r-- 1 guido users 51 Apr 28 1996 config.txt -rw-r--r-- 1 guido users 51 Feb 1 22:18 pgp.cfg -rw------- 1 guido users 139817 Feb 1 23:26 pubring.bak lrwxrwxrwx 1 guido users 1 Feb 1 23:46 pubring.pg0 -> t -rw------- 1 guido users 141164 Feb 24 1999 pubring.pgp -rw------- 1 guido users 139817 Feb 1 23:45 pubring.pkr -rw------- 1 guido users 512 Feb 1 23:45 randseed.bin -rw------- 1 guido users 1061 Apr 4 1997 secring.SAVE -rw------- 1 guido users 1113 Feb 1 22:18 secring.bak -rw------- 1 guido users 1113 Jan 14 1999 secring.pgp -rw------- 1 guido users 1113 Feb 1 22:26 secring.skr -rw-r--r-- 1 guido users 29 Feb 1 23:46 t this guido 23:46 ~/.pgp > cat t Tue Feb 1 23:46:14 CET 2000 this guido 23:46 ~/.pgp > pgpk -xa witmond -o witm.asc this guido 23:46 ~/.pgp > ls -l total 568 -rw-r--r-- 1 guido users 51 Apr 28 1996 config.txt -rw-r--r-- 1 guido users 51 Feb 1 22:18 pgp.cfg -rw------- 1 guido users 139817 Feb 1 23:45 pubring.bak -rw------- 1 guido users 141164 Feb 24 1999 pubring.pgp -rw------- 1 guido users 139817 Feb 1 23:46 pubring.pkr -rw------- 1 guido users 512 Feb 1 23:46 randseed.bin -rw------- 1 guido users 1061 Apr 4 1997 secring.SAVE -rw------- 1 guido users 1113 Feb 1 22:18 secring.bak -rw------- 1 guido users 1113 Jan 14 1999 secring.pgp -rw------- 1 guido users 1113 Feb 1 22:26 secring.skr -rw-r--r-- 1 guido users 139817 Feb 1 23:46 t -rw------- 1 guido users 3236 Feb 1 23:46 witm.asc this guido 23:47 ~/.pgp > cmp t pubring.pkr this guido 23:47 ~/.pgp > Ad 2) $ strace pgpk -xa witmond -o witmond.asc [tracing until after this point] open("/home/guido/.pgp/pubring.pg0", O_RDWR|O_CREAT|O_TRUNC, 0666) = 6 and while copying the entire .pkr into .pg0 a second instance of pgpk also execute this open statement above, thereby truncating the work of the first process. The first process will do a: rmdir("/home/guido/.pgp/pubring.bak") = -1 ENOTDIR (Not a directory) unlink("/home/guido/.pgp/pubring.bak") = 0 rename("/home/guido/.pgp/pubring.pkr", "/home/guido/.pgp/pubring.bak") = 0 umask(077) = 022 open("/home/guido/.pgp/pubring.pkr", O_RDWR|O_CREAT|O_TRUNC, 0666) = 5 But as part of the .pg0 file is zeroed by the second process it will lead to: close(5) = 0 munmap(0x40015000, 4096) = 0 rmdir("/home/guido/.pgp/pubring.bak") = -1 ENOTDIR (Not a directory) unlink("/home/guido/.pgp/pubring.bak") = 0 rename("/home/guido/.pgp/pubring.pkr", "/home/guido/.pgp/pubring.bak") = 0 umask(077) = 022 open("/home/guido/.pgp/pubring.pkr", O_RDWR|O_CREAT|O_TRUNC, 0666) = 5 and later on it will detect it somehow: read(6, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096) = 409 6 write(2, "ASSERTION FAILED at pgpFileDB.c "..., 66ASSERTION FAILED at pgpFileDB. c line 129: (rdb->rfile) not true ) = 66 close(6) = 0 munmap(0x40016000, 4096) = 0 rmdir("/home/guido/.pgp/pubring.pg0") = -1 ENOTDIR (Not a directory) unlink("/home/guido/.pgp/pubring.pg0") = 0 close(5) = 0 munmap(0x40015000, 4096) = 0 close(4) = 0 munmap(0x40014000, 4096) = 0 write(2, "Unable to open keyring: ", 25Unable to open keyring: ) = 25 write(2, "Bad data found where key\n", 25Bad data found where key ) = 25 Although it has restored the public key ring it has not performed the requested key export operation. Why it needs to copy my keyring twice just to _export_ a key puzzles me. As the fact that is reads the secring.skr file and updates the randseed.bin. Kind regards, Guido Witmond. (guido@debian.org)   Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#56833; Package pgp5i.   debian-bugs-dist@lists.debian.org  Subject: Bug#56833: PGP5i has temp-file problems Reply-To: Tommi Virtanen , 56833@bugs.debian.org Resent-From: Tommi Virtanen Resent-To: debian-bugs-dist@lists.debian.org Resent-Date: Fri, 04 Feb 2000 23:03:11 GMT Resent-Message-ID: Resent-Sender: owner@bugs.debian.org X-Debian-PR-Message: report 56833 X-Debian-PR-Package: pgp5i X-Debian-PR-Keywords: X-Loop: owner@bugs.debian.org Received: via spool by 56833-bugs@bugs.debian.org id=B56833.94970377320567 (code B ref 56833); Fri, 04 Feb 2000 23:03:11 GMT Date: Sat, 5 Feb 2000 00:36:05 +0200 From: Tommi Virtanen To: Guido Witmond , ejb@debian.org Cc: 56833@bugs.debian.org Message-ID: <20000205003605.A6699@hq.yok.utu.fi> References: <20000202013212.A818@dataweb.nl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii User-Agent: Mutt/1.0i In-Reply-To: <20000202013212.A818@dataweb.nl>; from guido@dataweb.nl on Wed, Feb 02, 2000 at 01:32:12AM +0100 On Wed, Feb 02, 2000 at 01:32:12AM +0100, Guido Witmond wrote: > The pgpk program creates a temporary file with the name ~/.pgp/pubring.pg0 > when operating on the public key ring. > > The problems encountered: > > 1) it ignores any files and symlimks and happily overwrites any file with > this name. > Potential damage: any file that can be access by the user can be corrupted. This is irrelevant, as the file is created in a directory the owned by the user himself, and not writable by others. You can only attack yourself with this. > 2) it does not lock the temp file for concurrent access, leading to race > conditions during later filename shuffling. It might lead to loss of > service or (speculating) corruption of the public keyring. > A busy server and many processess accessing the keyfile might raise the > chance of this above 'neglectable'. This is bad. However, the upstream makes no attempt to properly maintain PGP5, and I'm orphaning it as a package. I'm not spending my time on something that should be obsoleted as soon as possible. I suggest you use GnuPG. Let's see if the new maintainer (ejb@debian.org) wants to fix this. -- tv@{{hq.yok.utu,havoc,gaeshido}.fi,{debian,wanderer}.org,stonesoft.com} unix, linux, debian, networks, security, | Three things are certain: kernel, TCP/IP, C, perl, free software, | Death, taxes, and lost data. mail, www, sw devel, unix admin, hacks. | Guess which has occurred.   Acknowledgement sent to Tommi Virtanen <tv@debian.org>:
Extra info received and forwarded to list.   -t  From: owner@bugs.debian.org (Debian Bug Tracking System) To: Tommi Virtanen Subject: Bug#56833: Info received (was Bug#56833: PGP5i has temp-file problems) Message-ID: In-Reply-To: <20000205003605.A6699@hq.yok.utu.fi> References: <20000205003605.A6699@hq.yok.utu.fi> X-Debian-PR-Message: ack-info-maintonly 56833 Thank you for the additional information you have supplied regarding this problem report. It has been forwarded to the developer(s) and to the developers mailing list to accompany the original report. If you wish to continue to submit further information on your problem, please send it to 56833@bugs.debian.org, as before. Please do not reply to the address at the top of this message, unless you wish to report a problem with the Bug-tracking system. Darren Benham (administrator, Debian Bugs database)   Received: (at 56833) by bugs.debian.org; 4 Feb 2000 22:36:13 +0000 Received: (qmail 20549 invoked from network); 4 Feb 2000 22:36:12 -0000 Received: from hq.yok.utu.fi (qmailr@130.232.128.220) by master.debian.org with SMTP; 4 Feb 2000 22:36:12 -0000 Received: (qmail 6926 invoked by uid 1000); 4 Feb 2000 22:36:05 -0000 Date: Sat, 5 Feb 2000 00:36:05 +0200 From: Tommi Virtanen To: Guido Witmond , ejb@debian.org Cc: 56833@bugs.debian.org Subject: Re: Bug#56833: PGP5i has temp-file problems Message-ID: <20000205003605.A6699@hq.yok.utu.fi> References: <20000202013212.A818@dataweb.nl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii User-Agent: Mutt/1.0i In-Reply-To: <20000202013212.A818@dataweb.nl>; from guido@dataweb.nl on Wed, Feb 02, 2000 at 01:32:12AM +0100 On Wed, Feb 02, 2000 at 01:32:12AM +0100, Guido Witmond wrote: > The pgpk program creates a temporary file with the name ~/.pgp/pubring.pg0 > when operating on the public key ring. > > The problems encountered: > > 1) it ignores any files and symlimks and happily overwrites any file with > this name. > Potential damage: any file that can be access by the user can be corrupted. This is irrelevant, as the file is created in a directory the owned by the user himself, and not writable by others. You can only attack yourself with this. > 2) it does not lock the temp file for concurrent access, leading to race > conditions during later filename shuffling. It might lead to loss of > service or (speculating) corruption of the public keyring. > A busy server and many processess accessing the keyfile might raise the > chance of this above 'neglectable'. This is bad. However, the upstream makes no attempt to properly maintain PGP5, and I'm orphaning it as a package. I'm not spending my time on something that should be obsoleted as soon as possible. I suggest you use GnuPG. Let's see if the new maintainer (ejb@debian.org) wants to fix this. -- tv@{{hq.yok.utu,havoc,gaeshido}.fi,{debian,wanderer}.org,stonesoft.com} unix, linux, debian, networks, security, | Three things are certain: kernel, TCP/IP, C, perl, free software, | Death, taxes, and lost data. mail, www, sw devel, unix admin, hacks. | Guess which has occurred.   Reply sent to Barry deFreese <bddebian@comcast.net>:
You have taken responsibility.   -t  MIME-Version: 1.0 X-Mailer: MIME-tools 5.420 (Entity 5.420) X-Loop: owner@bugs.debian.org From: owner@bugs.debian.org (Debian Bug Tracking System) To: Barry deFreese Subject: Bug#56833: marked as done (PGP5i has temp-file problems) Message-ID: References: <1208291393.843085.17577.nullmailer@comcast.net> <20000202013212.A818@dataweb.nl> X-Debian-PR-Message: closed 56833 X-Debian-PR-Package: pgp5i Content-Type: multipart/mixed; boundary="----------=_1208291586-13204-0" This is a multi-part message in MIME format... ------------=_1208291586-13204-0 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Your message dated Tue, 15 Apr 2008 16:29:53 -0400 with message-id <1208291393.843085.17577.nullmailer@comcast.net> and subject line pgp5i has been removed from Debian, closing #56833 has caused the Debian Bug report #56833, regarding PGP5i has temp-file problems to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) --=20 56833: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=3D56833 Debian Bug Tracking System Contact owner@bugs.debian.org with problems ------------=_1208291586-13204-0 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by bugs.debian.org; 1 Feb 2000 22:23:33 +0000 Received: (qmail 6686 invoked from network); 1 Feb 2000 22:23:28 -0000 Received: from noordeinde-39.denhaag.dataweb.nl (HELO this.is.my.net) (postfix@193.78.237.158) by master.debian.org with SMTP; 1 Feb 2000 22:23:28 -0000 Received: by this.is.my.net (Postfix, from userid 1000) id 36DDCC38DD; Wed, 2 Feb 2000 01:32:13 +0100 (CET) Date: Wed, 2 Feb 2000 01:32:12 +0100 From: Guido Witmond To: submit@bugs.debian.org Subject: PGP5i has temp-file problems Message-ID: <20000202013212.A818@dataweb.nl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii User-Agent: Mutt/1.0.1i Package: pgp5i Version 5.0-3 Severity: normal The pgpk program creates a temporary file with the name ~/.pgp/pubring.pg0 when operating on the public key ring. The problems encountered: 1) it ignores any files and symlimks and happily overwrites any file with this name. Potential damage: any file that can be access by the user can be corrupted. 2) it does not lock the temp file for concurrent access, leading to race conditions during later filename shuffling. It might lead to loss of service or (speculating) corruption of the public keyring. A busy server and many processess accessing the keyfile might raise the chance of this above 'neglectable'. Ad 1) this guido 23:45 ~/.pgp > date > t this guido 23:46 ~/.pgp > ln -s t pubring.pg0 this guido 23:46 ~/.pgp > ls -l total 427 -rw-r--r-- 1 guido users 51 Apr 28 1996 config.txt -rw-r--r-- 1 guido users 51 Feb 1 22:18 pgp.cfg -rw------- 1 guido users 139817 Feb 1 23:26 pubring.bak lrwxrwxrwx 1 guido users 1 Feb 1 23:46 pubring.pg0 -> t -rw------- 1 guido users 141164 Feb 24 1999 pubring.pgp -rw------- 1 guido users 139817 Feb 1 23:45 pubring.pkr -rw------- 1 guido users 512 Feb 1 23:45 randseed.bin -rw------- 1 guido users 1061 Apr 4 1997 secring.SAVE -rw------- 1 guido users 1113 Feb 1 22:18 secring.bak -rw------- 1 guido users 1113 Jan 14 1999 secring.pgp -rw------- 1 guido users 1113 Feb 1 22:26 secring.skr -rw-r--r-- 1 guido users 29 Feb 1 23:46 t this guido 23:46 ~/.pgp > cat t Tue Feb 1 23:46:14 CET 2000 this guido 23:46 ~/.pgp > pgpk -xa witmond -o witm.asc this guido 23:46 ~/.pgp > ls -l total 568 -rw-r--r-- 1 guido users 51 Apr 28 1996 config.txt -rw-r--r-- 1 guido users 51 Feb 1 22:18 pgp.cfg -rw------- 1 guido users 139817 Feb 1 23:45 pubring.bak -rw------- 1 guido users 141164 Feb 24 1999 pubring.pgp -rw------- 1 guido users 139817 Feb 1 23:46 pubring.pkr -rw------- 1 guido users 512 Feb 1 23:46 randseed.bin -rw------- 1 guido users 1061 Apr 4 1997 secring.SAVE -rw------- 1 guido users 1113 Feb 1 22:18 secring.bak -rw------- 1 guido users 1113 Jan 14 1999 secring.pgp -rw------- 1 guido users 1113 Feb 1 22:26 secring.skr -rw-r--r-- 1 guido users 139817 Feb 1 23:46 t -rw------- 1 guido users 3236 Feb 1 23:46 witm.asc this guido 23:47 ~/.pgp > cmp t pubring.pkr this guido 23:47 ~/.pgp > Ad 2) $ strace pgpk -xa witmond -o witmond.asc [tracing until after this point] open("/home/guido/.pgp/pubring.pg0", O_RDWR|O_CREAT|O_TRUNC, 0666) = 6 and while copying the entire .pkr into .pg0 a second instance of pgpk also execute this open statement above, thereby truncating the work of the first process. The first process will do a: rmdir("/home/guido/.pgp/pubring.bak") = -1 ENOTDIR (Not a directory) unlink("/home/guido/.pgp/pubring.bak") = 0 rename("/home/guido/.pgp/pubring.pkr", "/home/guido/.pgp/pubring.bak") = 0 umask(077) = 022 open("/home/guido/.pgp/pubring.pkr", O_RDWR|O_CREAT|O_TRUNC, 0666) = 5 But as part of the .pg0 file is zeroed by the second process it will lead to: close(5) = 0 munmap(0x40015000, 4096) = 0 rmdir("/home/guido/.pgp/pubring.bak") = -1 ENOTDIR (Not a directory) unlink("/home/guido/.pgp/pubring.bak") = 0 rename("/home/guido/.pgp/pubring.pkr", "/home/guido/.pgp/pubring.bak") = 0 umask(077) = 022 open("/home/guido/.pgp/pubring.pkr", O_RDWR|O_CREAT|O_TRUNC, 0666) = 5 and later on it will detect it somehow: read(6, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096) = 409 6 write(2, "ASSERTION FAILED at pgpFileDB.c "..., 66ASSERTION FAILED at pgpFileDB. c line 129: (rdb->rfile) not true ) = 66 close(6) = 0 munmap(0x40016000, 4096) = 0 rmdir("/home/guido/.pgp/pubring.pg0") = -1 ENOTDIR (Not a directory) unlink("/home/guido/.pgp/pubring.pg0") = 0 close(5) = 0 munmap(0x40015000, 4096) = 0 close(4) = 0 munmap(0x40014000, 4096) = 0 write(2, "Unable to open keyring: ", 25Unable to open keyring: ) = 25 write(2, "Bad data found where key\n", 25Bad data found where key ) = 25 Although it has restored the public key ring it has not performed the requested key export operation. Why it needs to copy my keyring twice just to _export_ a key puzzles me. As the fact that is reads the secring.skr file and updates the randseed.bin. Kind regards, Guido Witmond. (guido@debian.org) ------------=_1208291586-13204-0 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 56833-done) by bugs.debian.org; 15 Apr 2008 20:30:05 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.4-bugs.debian.org_2005_01_02 (2006-07-26) on rietz.debian.org X-Spam-Level: X-Spam-Status: No, score=-2.0 required=4.0 tests=BAYES_00,DNS_FROM_RFC_POST, FORGED_RCVD_HELO,SUBJ_HAS_UNIQ_ID autolearn=no version=3.1.4-bugs.debian.org_2005_01_02 Return-path: Received: from qmta04.westchester.pa.mail.comcast.net ([76.96.62.40]) by rietz.debian.org with esmtp (Exim 4.63) (envelope-from ) id 1Jlrlg-00009u-GT for 56833-done@bugs.debian.org; Tue, 15 Apr 2008 20:28:40 +0000 Received: from OMTA10.westchester.pa.mail.comcast.net ([76.96.62.28]) by QMTA04.westchester.pa.mail.comcast.net with comcast id DrY21Z00P0cZkys540C500; Tue, 15 Apr 2008 20:26:48 +0000 Received: from comcast.net ([63.81.56.182]) by OMTA10.westchester.pa.mail.comcast.net with comcast id DwUT1Z00J3vtSi73W00000; Tue, 15 Apr 2008 20:28:34 +0000 X-Authority-Analysis: v=1.0 c=1 a=NF1MXidRPDsA:10 a=9_ga3P1fZlUA:10 a=DwadSytwl4c7ND9cYdcA:9 a=aE1wZ2B-UBUHYXBtlHKbqzdMiq0A:4 a=10sAvMsTeQkA:10 Received: (nullmailer pid 17578 invoked by uid 1000); Tue, 15 Apr 2008 20:29:53 -0000 From: Barry deFreese To: 56833-done@bugs.debian.org Subject: pgp5i has been removed from Debian, closing #56833 Date: Tue, 15 Apr 2008 16:29:53 -0400 Message-Id: <1208291393.843085.17577.nullmailer@comcast.net> Version: 5.0-8+rm The pgp5i package has been removed from Debian testing, unstable and experimental, so I am now closing the bugs that were still opened against it. Don't hesitate to reply to this mail if you have any question. Thank you for your contribution to Debian. Barry deFreese ------------=_1208291586-13204-0--   Notification sent to Guido Witmond <guido@dataweb.nl>:
Bug acknowledged by developer.   -t  MIME-Version: 1.0 X-Mailer: MIME-tools 5.420 (Entity 5.420) X-Loop: owner@bugs.debian.org From: owner@bugs.debian.org (Debian Bug Tracking System) To: Guido Witmond Subject: Bug#56833 closed by Barry deFreese (pgp5i has been removed from Debian, closing #56833) Message-ID: References: <1208291393.843085.17577.nullmailer@comcast.net> <20000202013212.A818@dataweb.nl> X-Debian-PR-Message: they-closed 56833 X-Debian-PR-Package: pgp5i Reply-To: 56833@bugs.debian.org Content-Type: multipart/mixed; boundary="----------=_1208291586-13204-1" This is a multi-part message in MIME format... ------------=_1208291586-13204-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This is an automatic notification regarding your Bug report which was filed against the pgp5i package: #56833: PGP5i has temp-file problems It has been closed by Barry deFreese . Their explanation is attached below along with your original report. If this explanation is unsatisfactory and you have not received a better one in a separate message then please contact Barry deFreese by replying to this email. --=20 56833: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=3D56833 Debian Bug Tracking System Contact owner@bugs.debian.org with problems ------------=_1208291586-13204-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 56833-done) by bugs.debian.org; 15 Apr 2008 20:30:05 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.4-bugs.debian.org_2005_01_02 (2006-07-26) on rietz.debian.org X-Spam-Level: X-Spam-Status: No, score=-2.0 required=4.0 tests=BAYES_00,DNS_FROM_RFC_POST, FORGED_RCVD_HELO,SUBJ_HAS_UNIQ_ID autolearn=no version=3.1.4-bugs.debian.org_2005_01_02 Return-path: Received: from qmta04.westchester.pa.mail.comcast.net ([76.96.62.40]) by rietz.debian.org with esmtp (Exim 4.63) (envelope-from ) id 1Jlrlg-00009u-GT for 56833-done@bugs.debian.org; Tue, 15 Apr 2008 20:28:40 +0000 Received: from OMTA10.westchester.pa.mail.comcast.net ([76.96.62.28]) by QMTA04.westchester.pa.mail.comcast.net with comcast id DrY21Z00P0cZkys540C500; Tue, 15 Apr 2008 20:26:48 +0000 Received: from comcast.net ([63.81.56.182]) by OMTA10.westchester.pa.mail.comcast.net with comcast id DwUT1Z00J3vtSi73W00000; Tue, 15 Apr 2008 20:28:34 +0000 X-Authority-Analysis: v=1.0 c=1 a=NF1MXidRPDsA:10 a=9_ga3P1fZlUA:10 a=DwadSytwl4c7ND9cYdcA:9 a=aE1wZ2B-UBUHYXBtlHKbqzdMiq0A:4 a=10sAvMsTeQkA:10 Received: (nullmailer pid 17578 invoked by uid 1000); Tue, 15 Apr 2008 20:29:53 -0000 From: Barry deFreese To: 56833-done@bugs.debian.org Subject: pgp5i has been removed from Debian, closing #56833 Date: Tue, 15 Apr 2008 16:29:53 -0400 Message-Id: <1208291393.843085.17577.nullmailer@comcast.net> Version: 5.0-8+rm The pgp5i package has been removed from Debian testing, unstable and experimental, so I am now closing the bugs that were still opened against it. Don't hesitate to reply to this mail if you have any question. Thank you for your contribution to Debian. Barry deFreese ------------=_1208291586-13204-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by bugs.debian.org; 1 Feb 2000 22:23:33 +0000 Received: (qmail 6686 invoked from network); 1 Feb 2000 22:23:28 -0000 Received: from noordeinde-39.denhaag.dataweb.nl (HELO this.is.my.net) (postfix@193.78.237.158) by master.debian.org with SMTP; 1 Feb 2000 22:23:28 -0000 Received: by this.is.my.net (Postfix, from userid 1000) id 36DDCC38DD; Wed, 2 Feb 2000 01:32:13 +0100 (CET) Date: Wed, 2 Feb 2000 01:32:12 +0100 From: Guido Witmond To: submit@bugs.debian.org Subject: PGP5i has temp-file problems Message-ID: <20000202013212.A818@dataweb.nl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii User-Agent: Mutt/1.0.1i Package: pgp5i Version 5.0-3 Severity: normal The pgpk program creates a temporary file with the name ~/.pgp/pubring.pg0 when operating on the public key ring. The problems encountered: 1) it ignores any files and symlimks and happily overwrites any file with this name. Potential damage: any file that can be access by the user can be corrupted. 2) it does not lock the temp file for concurrent access, leading to race conditions during later filename shuffling. It might lead to loss of service or (speculating) corruption of the public keyring. A busy server and many processess accessing the keyfile might raise the chance of this above 'neglectable'. Ad 1) this guido 23:45 ~/.pgp > date > t this guido 23:46 ~/.pgp > ln -s t pubring.pg0 this guido 23:46 ~/.pgp > ls -l total 427 -rw-r--r-- 1 guido users 51 Apr 28 1996 config.txt -rw-r--r-- 1 guido users 51 Feb 1 22:18 pgp.cfg -rw------- 1 guido users 139817 Feb 1 23:26 pubring.bak lrwxrwxrwx 1 guido users 1 Feb 1 23:46 pubring.pg0 -> t -rw------- 1 guido users 141164 Feb 24 1999 pubring.pgp -rw------- 1 guido users 139817 Feb 1 23:45 pubring.pkr -rw------- 1 guido users 512 Feb 1 23:45 randseed.bin -rw------- 1 guido users 1061 Apr 4 1997 secring.SAVE -rw------- 1 guido users 1113 Feb 1 22:18 secring.bak -rw------- 1 guido users 1113 Jan 14 1999 secring.pgp -rw------- 1 guido users 1113 Feb 1 22:26 secring.skr -rw-r--r-- 1 guido users 29 Feb 1 23:46 t this guido 23:46 ~/.pgp > cat t Tue Feb 1 23:46:14 CET 2000 this guido 23:46 ~/.pgp > pgpk -xa witmond -o witm.asc this guido 23:46 ~/.pgp > ls -l total 568 -rw-r--r-- 1 guido users 51 Apr 28 1996 config.txt -rw-r--r-- 1 guido users 51 Feb 1 22:18 pgp.cfg -rw------- 1 guido users 139817 Feb 1 23:45 pubring.bak -rw------- 1 guido users 141164 Feb 24 1999 pubring.pgp -rw------- 1 guido users 139817 Feb 1 23:46 pubring.pkr -rw------- 1 guido users 512 Feb 1 23:46 randseed.bin -rw------- 1 guido users 1061 Apr 4 1997 secring.SAVE -rw------- 1 guido users 1113 Feb 1 22:18 secring.bak -rw------- 1 guido users 1113 Jan 14 1999 secring.pgp -rw------- 1 guido users 1113 Feb 1 22:26 secring.skr -rw-r--r-- 1 guido users 139817 Feb 1 23:46 t -rw------- 1 guido users 3236 Feb 1 23:46 witm.asc this guido 23:47 ~/.pgp > cmp t pubring.pkr this guido 23:47 ~/.pgp > Ad 2) $ strace pgpk -xa witmond -o witmond.asc [tracing until after this point] open("/home/guido/.pgp/pubring.pg0", O_RDWR|O_CREAT|O_TRUNC, 0666) = 6 and while copying the entire .pkr into .pg0 a second instance of pgpk also execute this open statement above, thereby truncating the work of the first process. The first process will do a: rmdir("/home/guido/.pgp/pubring.bak") = -1 ENOTDIR (Not a directory) unlink("/home/guido/.pgp/pubring.bak") = 0 rename("/home/guido/.pgp/pubring.pkr", "/home/guido/.pgp/pubring.bak") = 0 umask(077) = 022 open("/home/guido/.pgp/pubring.pkr", O_RDWR|O_CREAT|O_TRUNC, 0666) = 5 But as part of the .pg0 file is zeroed by the second process it will lead to: close(5) = 0 munmap(0x40015000, 4096) = 0 rmdir("/home/guido/.pgp/pubring.bak") = -1 ENOTDIR (Not a directory) unlink("/home/guido/.pgp/pubring.bak") = 0 rename("/home/guido/.pgp/pubring.pkr", "/home/guido/.pgp/pubring.bak") = 0 umask(077) = 022 open("/home/guido/.pgp/pubring.pkr", O_RDWR|O_CREAT|O_TRUNC, 0666) = 5 and later on it will detect it somehow: read(6, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096) = 409 6 write(2, "ASSERTION FAILED at pgpFileDB.c "..., 66ASSERTION FAILED at pgpFileDB. c line 129: (rdb->rfile) not true ) = 66 close(6) = 0 munmap(0x40016000, 4096) = 0 rmdir("/home/guido/.pgp/pubring.pg0") = -1 ENOTDIR (Not a directory) unlink("/home/guido/.pgp/pubring.pg0") = 0 close(5) = 0 munmap(0x40015000, 4096) = 0 close(4) = 0 munmap(0x40014000, 4096) = 0 write(2, "Unable to open keyring: ", 25Unable to open keyring: ) = 25 write(2, "Bad data found where key\n", 25Bad data found where key ) = 25 Although it has restored the public key ring it has not performed the requested key export operation. Why it needs to copy my keyring twice just to _export_ a key puzzles me. As the fact that is reads the secring.skr file and updates the randseed.bin. Kind regards, Guido Witmond. (guido@debian.org) ------------=_1208291586-13204-1--   Received: (at 56833-done) by bugs.debian.org; 15 Apr 2008 20:30:05 +0000 From bdefreese@comcast.net Tue Apr 15 20:30:05 2008 X-Spam-Checker-Version: SpamAssassin 3.1.4-bugs.debian.org_2005_01_02 (2006-07-26) on rietz.debian.org X-Spam-Level: X-Spam-Status: No, score=-2.0 required=4.0 tests=BAYES_00,DNS_FROM_RFC_POST, FORGED_RCVD_HELO,SUBJ_HAS_UNIQ_ID autolearn=no version=3.1.4-bugs.debian.org_2005_01_02 Return-path: Received: from qmta04.westchester.pa.mail.comcast.net ([76.96.62.40]) by rietz.debian.org with esmtp (Exim 4.63) (envelope-from ) id 1Jlrlg-00009u-GT for 56833-done@bugs.debian.org; Tue, 15 Apr 2008 20:28:40 +0000 Received: from OMTA10.westchester.pa.mail.comcast.net ([76.96.62.28]) by QMTA04.westchester.pa.mail.comcast.net with comcast id DrY21Z00P0cZkys540C500; Tue, 15 Apr 2008 20:26:48 +0000 Received: from comcast.net ([63.81.56.182]) by OMTA10.westchester.pa.mail.comcast.net with comcast id DwUT1Z00J3vtSi73W00000; Tue, 15 Apr 2008 20:28:34 +0000 X-Authority-Analysis: v=1.0 c=1 a=NF1MXidRPDsA:10 a=9_ga3P1fZlUA:10 a=DwadSytwl4c7ND9cYdcA:9 a=aE1wZ2B-UBUHYXBtlHKbqzdMiq0A:4 a=10sAvMsTeQkA:10 Received: (nullmailer pid 17578 invoked by uid 1000); Tue, 15 Apr 2008 20:29:53 -0000 From: Barry deFreese To: 56833-done@bugs.debian.org Subject: pgp5i has been removed from Debian, closing #56833 Date: Tue, 15 Apr 2008 16:29:53 -0400 Message-Id: <1208291393.843085.17577.nullmailer@comcast.net> Version: 5.0-8+rm The pgp5i package has been removed from Debian testing, unstable and experimental, so I am now closing the bugs that were still opened against it. Don't hesitate to reply to this mail if you have any question. Thank you for your contribution to Debian. Barry deFreese