csomh / source-git / rpm

Forked from source-git/rpm 4 years ago
Clone
Source Code
GIT

8feded Fix FA_TOUCH on files with suid/sgid bits and/or capabilities

3 files Authored by Panu Matilainen 4 years ago, Committed by Hunor Csomortáni 4 years ago,
raw patch tree parent
3 files changed. 49 lines added. 6 lines removed.
lib/fsm.c
file modified
+12 -5
tests/data/SPECS/replacetest.spec
file modified
+1 -1
tests/rpmverify.at
file modified
+36 -0 
    Fix FA_TOUCH on files with suid/sgid bits and/or capabilities
    
    FA_TOUCH used to set suffix to "" instead of NULL which causes fsmCommit()
    to rename the file onto itself, which is a bit dumb but mostly harmless
    with regular permission. On suid/sgid/capabilities we strip any extra
    privileges on rename to make sure hardlinks are neutered, and because
    rename occurs after other permissions etc setting, on FA_TOUCH those
    extra privileges are stripped and much brokenness will follow.
    
    A more minimal fix would be a strategically placed strcmp(), but NULL
    is what the rest of the fsm expects for no suffix and differentiating
    between empty and NULL suffix is too subtle for its own good as
    witnessed here. So now, NULL suffix is no suffix again and the rest
    of the code will do the right thing except where related to creation,
    and creation is what FA_TOUCH wont do so lets just explicitly skip it
    and restore the original code otherwise. The goto is ugly but reindenting
    gets even uglier, shrug. Add a test-case to go with it.
    
    This has been broken since its introduction in commit
    79ca74e15e15c1d91a9a31a9ee90abc91736f390 so all current 4.14.x versions
    are affected.
file modified
+12 -5
file modified
+1 -1
file modified
+36 -0

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation