Switch to NSIS 3.03 to avoid DLL hijacking #13643
Thanks,
Early versions of NSIS search for their DLLs in the same directory as the executable. If a hacker can place some DLL files in the same directory as the bitcoin installer, the installer will load and run them with admin permission.

Gitian is still on trusty. It ships with NSIS 2.46, which is vulnerable to this issue. So in this fix, we instead build the latest NSIS with Gitian.

Thanks to @wilson from the Bitcoin Gold team for the fix. Borrowed some code from the Tor project.

Details: https://trac.torproject.org/projects/tor/ticket/17895

Currently our Windows gitian cross builds are broken, so we'd have to switch to bionic. (Or revert the qt depends bump)

Note to reviewers: This pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

This has been fixed in nsis 2.50, and nsis in ubuntu bionic is version 2.51.

Yeah, bionic could be even better.

Holding out on reviewing this until after #13171 is merged or closed.

Bitcoin Gold developer contributing for Bitcoin Core, nice 👍

Closing per #13643 (comment)

Early versions of NSIS search for their DLLs in the same directory as the executable. If a hacker can place some DLL files in the same directory as the bitcoin installer, the installer will load and run them with admin permission.
Gitian is still on trusty. It ships with NSIS 2.46, which is vulnerable to this issue. So in this fix, we instead build the latest NSIS with Gitian.
Thanks to @wilsonmeier from the Bitcoin Gold team for the fix. Borrowed some code from the Tor project.
Details: https://trac.torproject.org/projects/tor/ticket/17895
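
A build-side guard for the version point raised in this thread, as an added example that is not part of the pull request or of the project's build scripts: it fails the installer step when `makensis` reports a release older than the one the thread names as fixed. The function names, the 2.50 threshold taken from the comment above, and the tolerated `-1` style distro suffix are assumptions.

```shell
#!/bin/sh
# Added example: refuse to build a Windows installer with an NSIS release
# older than the one the thread names as fixed. Function names are hypothetical.
MIN_NSIS="2.50"   # first fixed release according to the comment in this thread

# nsis_version_ok VERSION
# Returns 0 if VERSION >= MIN_NSIS, 1 if older, 2 if it cannot be parsed.
# Accepts the "v2.46" form printed by `makensis -VERSION`; a trailing
# distro revision such as "-1" is tolerated (assumption about packaging).
nsis_version_ok() {
    v=${1#v}        # drop the leading "v"
    v=${v%%-*}      # drop any "-revision" suffix
    case "$v" in
        *.*) major=${v%%.*}; rest=${v#*.}; minor=${rest%%.*} ;;
        *)   return 2 ;;
    esac
    [ -n "$major" ] && [ -n "$minor" ] || return 2
    case "$major$minor" in *[!0-9]*) return 2 ;; esac
    min_major=${MIN_NSIS%%.*}
    min_minor=${MIN_NSIS#*.}
    # NSIS minors are compared as integers: 2.46 < 2.50 < 2.51 < 3.03
    if [ "$major" -gt "$min_major" ]; then return 0; fi
    if [ "$major" -eq "$min_major" ] && [ "$minor" -ge "$min_minor" ]; then
        return 0
    fi
    return 1
}

# require_fixed_nsis: call at the top of the installer build step.
require_fixed_nsis() {
    found=$(makensis -VERSION 2>/dev/null) || {
        echo "makensis not found" >&2; return 2; }
    if nsis_version_ok "$found"; then
        echo "NSIS $found is at or above $MIN_NSIS"
    else
        echo "NSIS $found is below $MIN_NSIS or unrecognised; not building" >&2
        return 1
    fi
}

# Constructed sample inputs: the versions mentioned in the thread.
for sample in v2.46 v2.50 v2.51-1 v3.03; do
    if nsis_version_ok "$sample"; then echo "$sample: ok"
    else echo "$sample: too old"; fi
done
```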