Ack: [quantal CVE 1/1] UBUNTU: [Packaging] supply perf with appropriate prefix to ensure use of local config

[Brad Figg]

On 07/31/2013 07:09 PM, Andy Whitcroft wrote:
> If we do not supply an installation prefix when we are building perf
> it will assume it is designed to run relative to the builders HOME.
> This means that as built on a buildd we will check for the system
> configuration relative to the buildd users home rather than in /etc.
> This implies a local user could use this to compromise other users _if_
> there is a buildd user installed on the system and they have access to it.
>
> CVE-2013-1060
> BugLink: http://bugs.launchpad.net/bugs/1206200
> Signed-off-by: Andy Whitcroft <apw at canonical.com>
> ---
>   debian/rules.d/2-binary-arch.mk | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/debian/rules.d/2-binary-arch.mk b/debian/rules.d/2-binary-arch.mk
> index 23367bb..7a04bcb 100644
> --- a/debian/rules.d/2-binary-arch.mk
> +++ b/debian/rules.d/2-binary-arch.mk
> @@ -440,7 +440,7 @@ $(stampdir)/stamp-build-perarch: $(stampdir)/stamp-prepare-perarch
>   	@echo Debug: $@
>   ifeq ($(do_tools),true)
>   	cd $(builddirpa)/tools/perf && \
> -		make HAVE_CPLUS_DEMANGLE=1 CROSS_COMPILE=$(CROSS_COMPILE)
> +		make prefix=/usr HAVE_CPLUS_DEMANGLE=1 CROSS_COMPILE=$(CROSS_COMPILE)
>   	if [ "$(arch)" = "amd64" ] || [ "$(arch)" = "i386" ]; then \
>   		cd $(builddirpa)/tools/power/x86/x86_energy_perf_policy && make CROSS_COMPILE=$(CROSS_COMPILE); \
>   		cd $(builddirpa)/tools/power/x86/turbostat && make CROSS_COMPILE=$(CROSS_COMPILE); \
>


-- 
Brad Figg brad.figg at canonical.com http://www.canonical.com