Blame 0099-a-a-i-d-t-a-cache-sanitize-umask.patch
|
Matej Habrnal |
fa1950 |
From 35fe31aceb8221fd8bd8ea8d48d1bb4f0fbdf837 Mon Sep 17 00:00:00 2001
|
|
Matej Habrnal |
fa1950 |
From: Jakub Filak <jfilak@redhat.com>
|
|
Matej Habrnal |
fa1950 |
Date: Wed, 29 Apr 2015 14:13:57 +0200
|
|
Matej Habrnal |
fa1950 |
Subject: [PATCH] a-a-i-d-t-a-cache: sanitize umask
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
We cannot trust anything when running suided program.
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
Related: #1216962
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
Signed-off-by: Jakub Filak <jfilak@redhat.com>
|
|
Matej Habrnal |
fa1950 |
---
|
|
Matej Habrnal |
fa1950 |
src/plugins/abrt-action-install-debuginfo-to-abrt-cache.c | 3 +++
|
|
Matej Habrnal |
fa1950 |
1 file changed, 3 insertions(+)
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
diff --git a/src/plugins/abrt-action-install-debuginfo-to-abrt-cache.c b/src/plugins/abrt-action-install-debuginfo-to-abrt-cache.c
|
|
Matej Habrnal |
fa1950 |
index 4fa1783..81b1486 100644
|
|
Matej Habrnal |
fa1950 |
--- a/src/plugins/abrt-action-install-debuginfo-to-abrt-cache.c
|
|
Matej Habrnal |
fa1950 |
+++ b/src/plugins/abrt-action-install-debuginfo-to-abrt-cache.c
|
|
Matej Habrnal |
fa1950 |
@@ -199,6 +199,9 @@ int main(int argc, char **argv)
|
|
Matej Habrnal |
fa1950 |
if (euid != 0)
|
|
Matej Habrnal |
fa1950 |
strcpy(path_env, "PATH=/usr/bin:/bin:"BIN_DIR);
|
|
Matej Habrnal |
fa1950 |
putenv(path_env);
|
|
Matej Habrnal |
fa1950 |
+
|
|
Matej Habrnal |
fa1950 |
+ /* Use safe umask */
|
|
Matej Habrnal |
fa1950 |
+ umask(0022);
|
|
Matej Habrnal |
fa1950 |
}
|
|
Matej Habrnal |
fa1950 |
|
|
Matej Habrnal |
fa1950 |
execvp(EXECUTABLE, (char **)args);
|
|
Matej Habrnal |
fa1950 |
--
|
|
Matej Habrnal |
fa1950 |
2.1.0
|
|
Matej Habrnal |
fa1950 |
|