NetBSD Problem Report #58438

From www@netbsd.org  Thu Jul 18 08:02:23 2024
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits)
	 client-signature RSA-PSS (2048 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 167001A9239
	for <gnats-bugs@gnats.NetBSD.org>; Thu, 18 Jul 2024 08:02:23 +0000 (UTC)
Message-Id: <20240718080221.B33781A923A@mollari.NetBSD.org>
Date: Thu, 18 Jul 2024 08:02:21 +0000 (UTC)
From: 13mdf@fege.net
Reply-To: 13mdf@fege.net
To: gnats-bugs@NetBSD.org
Subject: Compatibility issues with per-user-temp [described security(7) man page]
X-Send-Pr-Version: www-1.0

>Number:         58438
>Category:       kern
>Synopsis:       Compatibility issues with per-user-temp [described security(7) man page]
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jul 18 08:05:00 +0000 2024
>Originator:     Marc Fege
>Release:        10.0
>Organization:
>Environment:
NetBSD rpi.familie.fege.local 10.0 NetBSD 10.0 (GENERIC64) #0: Thu Mar 28 08:33:33 UTC 2024  mkrepro@mkrepro.NetBSD.org:/usr/src/sys/arch/evbarm/compile/GENERIC64 evbarm
>Description:
Dear NetBSD community,

there seems to be a problem with the per-user-temp-function in the kernel, which seems to be incompatible with certain system-softwares like X(1) or even tmux(1), which expect to write their magic cookies and temp files directly to /tmp.  Those softwares might have a problem with those symlinks which relocates /tmp per-user-wise to a separate /private/tmp as stated in the security(7) man page.  Other programs like ed(1) or vi(1) do not have a problem to write to this symlinked temp directory on the other hand.

As I undertook correspondence in advance with the original author of this security enhancement from back in the day of 2006 and following, Elad Efrat, before opening this bug report, he recommended personally I should write here.
He says "it wouldn’t surprise [him] if some programs use a syscall or library function that prevents symlinks from working".

What did I do? I tested on arm64, amd64, i386 and vax the following steps with identical results as described above:

As root:
1.: mkdir -p /private/tmp

2.: chmod -R 755 /private

3.: Added in /etc/rc.conf:
    per_user_tmp="YES"

4.: Replaced /tmp mount point in /etc/fstab with following lines:
    #tmpfs        /tmp             tmpfs   rw,-m1777,-sram%65
    tmpfs         /private/tmp     tmpfs   rw,-m1755,-sram%65

5.: Rebooted.

I tried even to mess around with the file permissions of the directories (chmod -R 777 for example).  No effect what so ever for me.  Maybe one tries to reproduce that behaviour.  Does anyone has a clue, what might be the issue here in my procedures?  Maybe I forgot something or did something wrong, that Elad did not anticipated when he wrote this man page back in the day.

A propos man page: as an ordinary user in the field I would recommend to exemplificate the necessary steps in the man page a bit broader and give a few more examples or a detailed list of steps, what users should do to activate this feature successfully.  As you see, I took five steps to activate this feature whatsoever.  As mentioned: maybe I forgot something or did something wrong what was not anticipated when writing this man page.

Thank you in advance for an reply and
best regards -
Marc Fege
>How-To-Repeat:
As root:
1.: mkdir -p /private/tmp

2.: chmod -R 755 /private

3.: Added in /etc/rc.conf:
    per_user_tmp="YES"

4.: Replaced /tmp mount point in /etc/fstab with following lines:
    #tmpfs        /tmp             tmpfs   rw,-m1777,-sram%65
    tmpfs         /private/tmp     tmpfs   rw,-m1755,-sram%65

5.: Reboot.

6. Try to launch X(1) or tmux(1).
>Fix:

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.47 2022/09/11 19:34:41 kim Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2024 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.