|
Matej Habrnal |
fa1950 |
From ccbab90e154f7917178cc1d56d8990b01ea45023 Mon Sep 17 00:00:00 2001
|
|
Matej Habrnal |
fa1950 |
From: Jakub Filak <jfilak@redhat.com>
|
|
Matej Habrnal |
fa1950 |
Date: Wed, 15 Apr 2015 15:27:09 +0200
|
|
Matej Habrnal |
fa1950 |
Subject: [PATCH] ccpp: postpone changing ownership of new dump directories
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
Florian Weimer <fweimer@redhat.com>:
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
Currently, dd_create changes ownership of the directory immediately,
|
|
Matej Habrnal |
fa1950 |
when it is still empty. This means that any operations within the
|
|
Matej Habrnal |
fa1950 |
directory (which happen as the root user) can race with changes to
|
|
Matej Habrnal |
fa1950 |
the directory contents by the user. If you delay changing directory
|
|
Matej Habrnal |
fa1950 |
ownership until all the files have created and written, this is no
|
|
Matej Habrnal |
fa1950 |
longer a problem.
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
Related: #1211835
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
Signed-off-by: Jakub Filak <jfilak@redhat.com>
|
|
Matej Habrnal |
fa1950 |
---
|
|
Matej Habrnal |
fa1950 |
src/hooks/abrt-hook-ccpp.c | 9 ++++++++-
|
|
Matej Habrnal |
fa1950 |
1 file changed, 8 insertions(+), 1 deletion(-)
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
diff --git a/src/hooks/abrt-hook-ccpp.c b/src/hooks/abrt-hook-ccpp.c
|
|
Matej Habrnal |
fa1950 |
index 880daf6..04889da 100644
|
|
Matej Habrnal |
fa1950 |
--- a/src/hooks/abrt-hook-ccpp.c
|
|
Matej Habrnal |
fa1950 |
+++ b/src/hooks/abrt-hook-ccpp.c
|
|
Matej Habrnal |
fa1950 |
@@ -598,8 +598,12 @@ int main(int argc, char** argv)
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
/* use fsuid instead of uid, so we don't expose any sensitive
|
|
Matej Habrnal |
fa1950 |
* information of suided app in /var/tmp/abrt
|
|
Matej Habrnal |
fa1950 |
+ *
|
|
Matej Habrnal |
fa1950 |
+ * dd_create_skeleton() creates a new directory and leaves ownership to
|
|
Matej Habrnal |
fa1950 |
+ * the current user, hence, we have to call dd_reset_ownership() after the
|
|
Matej Habrnal |
fa1950 |
+ * directory is populated.
|
|
Matej Habrnal |
fa1950 |
*/
|
|
Matej Habrnal |
fa1950 |
- dd = dd_create(path, fsuid, DEFAULT_DUMP_DIR_MODE);
|
|
Matej Habrnal |
fa1950 |
+ dd = dd_create_skeleton(path, fsuid, DEFAULT_DUMP_DIR_MODE);
|
|
Matej Habrnal |
fa1950 |
if (dd)
|
|
Matej Habrnal |
fa1950 |
{
|
|
Matej Habrnal |
fa1950 |
char *rootdir = get_rootdir(pid);
|
|
Matej Habrnal |
fa1950 |
@@ -782,6 +786,9 @@ int main(int argc, char** argv)
|
|
Matej Habrnal |
fa1950 |
if (tid > 0 && setting_CreateCoreBacktrace)
|
|
Matej Habrnal |
fa1950 |
create_core_backtrace(tid, executable, signal_no, dd);
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
+ /* And finally set the right uid and gid */
|
|
Matej Habrnal |
fa1950 |
+ dd_reset_ownership(dd);
|
|
Matej Habrnal |
fa1950 |
+
|
|
Matej Habrnal |
fa1950 |
/* We close dumpdir before we start catering for crash storm case.
|
|
Matej Habrnal |
fa1950 |
* Otherwise, delete_dump_dir's from other concurrent
|
|
Matej Habrnal |
fa1950 |
* CCpp's won't be able to delete our dump (their delete_dump_dir
|
|
Matej Habrnal |
fa1950 |
--
|
|
Matej Habrnal |
fa1950 |
2.1.0
|
|
Matej Habrnal |
fa1950 |
|