|
Matej Habrnal |
fa1950 |
From e38774dea8d0a23b952a423b4e7a946f0f570149 Mon Sep 17 00:00:00 2001
|
|
Matej Habrnal |
fa1950 |
From: Jakub Filak <jfilak@redhat.com>
|
|
Matej Habrnal |
fa1950 |
Date: Fri, 17 Apr 2015 14:42:13 +0200
|
|
Matej Habrnal |
fa1950 |
Subject: [PATCH] ccpp: harden dealing with UID/GID
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
* Don't fall back to UID 0 (fixed in libreport)
|
|
Matej Habrnal |
fa1950 |
* Use fsgid.
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
This issue was discovered by Florian Weimer of Red Hat Product Security.
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
Signed-off-by: Jakub Filak <jfilak@redhat.com>
|
|
Matej Habrnal |
fa1950 |
---
|
|
Matej Habrnal |
fa1950 |
src/hooks/abrt-hook-ccpp.c | 13 +++++++------
|
|
Matej Habrnal |
fa1950 |
1 file changed, 7 insertions(+), 6 deletions(-)
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
diff --git a/src/hooks/abrt-hook-ccpp.c b/src/hooks/abrt-hook-ccpp.c
|
|
Matej Habrnal |
fa1950 |
index 9d9f549..92413e3 100644
|
|
Matej Habrnal |
fa1950 |
--- a/src/hooks/abrt-hook-ccpp.c
|
|
Matej Habrnal |
fa1950 |
+++ b/src/hooks/abrt-hook-ccpp.c
|
|
Matej Habrnal |
fa1950 |
@@ -163,16 +163,13 @@ static DIR *open_cwd(pid_t pid)
|
|
Matej Habrnal |
fa1950 |
return cwd;
|
|
Matej Habrnal |
fa1950 |
}
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
-static int open_user_core(uid_t uid, uid_t fsuid, pid_t pid, char **percent_values)
|
|
Matej Habrnal |
fa1950 |
+static int open_user_core(uid_t uid, uid_t fsuid, gid_t fsgid, pid_t pid, char **percent_values)
|
|
Matej Habrnal |
fa1950 |
{
|
|
Matej Habrnal |
fa1950 |
proc_cwd = open_cwd(pid);
|
|
Matej Habrnal |
fa1950 |
if (proc_cwd == NULL)
|
|
Matej Habrnal |
fa1950 |
return -1;
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
- struct passwd* pw = getpwuid(uid);
|
|
Matej Habrnal |
fa1950 |
- gid_t gid = pw ? pw->pw_gid : uid;
|
|
Matej Habrnal |
fa1950 |
- //log("setting uid: %i gid: %i", uid, gid);
|
|
Matej Habrnal |
fa1950 |
- xsetegid(gid);
|
|
Matej Habrnal |
fa1950 |
+ xsetegid(fsgid);
|
|
Matej Habrnal |
fa1950 |
xseteuid(fsuid);
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
if (strcmp(core_basename, "core") == 0)
|
|
Matej Habrnal |
fa1950 |
@@ -525,6 +522,10 @@ int main(int argc, char** argv)
|
|
Matej Habrnal |
fa1950 |
if (tmp_fsuid < 0)
|
|
Matej Habrnal |
fa1950 |
perror_msg_and_die("Can't parse 'Uid: line' in /proc/%lu/status", (long)pid);
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
+ const int fsgid = get_fsgid(proc_pid_status);
|
|
Matej Habrnal |
fa1950 |
+ if (fsgid < 0)
|
|
Matej Habrnal |
fa1950 |
+ error_msg_and_die("Can't parse 'Gid: line' in /proc/%lu/status", (long)pid);
|
|
Matej Habrnal |
fa1950 |
+
|
|
Matej Habrnal |
fa1950 |
int suid_policy = dump_suid_policy();
|
|
Matej Habrnal |
fa1950 |
if (tmp_fsuid != uid)
|
|
Matej Habrnal |
fa1950 |
{
|
|
Matej Habrnal |
fa1950 |
@@ -543,7 +544,7 @@ int main(int argc, char** argv)
|
|
Matej Habrnal |
fa1950 |
int user_core_fd = -1;
|
|
Matej Habrnal |
fa1950 |
if (setting_MakeCompatCore && ulimit_c != 0)
|
|
Matej Habrnal |
fa1950 |
/* note: checks "user_pwd == NULL" inside; updates core_basename */
|
|
Matej Habrnal |
fa1950 |
- user_core_fd = open_user_core(uid, fsuid, pid, &argv[1]);
|
|
Matej Habrnal |
fa1950 |
+ user_core_fd = open_user_core(uid, fsuid, fsgid, pid, &argv[1]);
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
if (executable == NULL)
|
|
Matej Habrnal |
fa1950 |
{
|
|
Matej Habrnal |
fa1950 |
--
|
|
Matej Habrnal |
fa1950 |
2.1.0
|
|
Matej Habrnal |
fa1950 |
|