From e38774dea8d0a23b952a423b4e7a946f0f570149 Mon Sep 17 00:00:00 2001
From: Jakub Filak
Date: Fri, 17 Apr 2015 14:42:13 +0200
Subject: [PATCH] ccpp: harden dealing with UID/GID
* Don't fall back to UID 0 (fixed in libreport)
* Use fsgid.
This issue was discovered by Florian Weimer of Red Hat Product Security.
Signed-off-by: Jakub Filak
---
 src/hooks/abrt-hook-ccpp.c | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/src/hooks/abrt-hook-ccpp.c b/src/hooks/abrt-hook-ccpp.c
index 9d9f549..92413e3 100644
--- a/src/hooks/abrt-hook-ccpp.c
+++ b/src/hooks/abrt-hook-ccpp.c
@@ -163,16 +163,13 @@ static DIR *open_cwd(pid_t pid)
 return cwd;
 }
-static int open_user_core(uid_t uid, uid_t fsuid, pid_t pid, char **percent_values)
+static int open_user_core(uid_t uid, uid_t fsuid, gid_t fsgid, pid_t pid, char **percent_values)
 {
 proc_cwd = open_cwd(pid);
 if (proc_cwd == NULL)
 return -1;
- struct passwd* pw = getpwuid(uid);
- gid_t gid = pw ? pw->pw_gid : uid;
- //log("setting uid: %i gid: %i", uid, gid);
- xsetegid(gid);
+ xsetegid(fsgid);
 xseteuid(fsuid);
 if (strcmp(core_basename, "core") == 0)
@@ -525,6 +522,10 @@ int main(int argc, char** argv)
 if (tmp_fsuid < 0)
 perror_msg_and_die("Can't parse 'Uid: line' in /proc/%lu/status", (long)pid);
+ const int fsgid = get_fsgid(proc_pid_status);
+ if (fsgid < 0)
+ error_msg_and_die("Can't parse 'Gid: line' in /proc/%lu/status", (long)pid);
+
 int suid_policy = dump_suid_policy();
 if (tmp_fsuid != uid)
 {
@@ -543,7 +544,7 @@ int main(int argc, char** argv)
 int user_core_fd = -1;
 if (setting_MakeCompatCore && ulimit_c != 0)
 /* note: checks "user_pwd == NULL" inside; updates core_basename */
- user_core_fd = open_user_core(uid, fsuid, pid, &argv[1]);
+ user_core_fd = open_user_core(uid, fsuid, fsgid, pid, &argv[1]);
 if (executable == NULL)
 {
--
2.1.0
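Review bot: The order of `xsetegid(fsgid);` before `xseteuid(fsuid);` in open_user_core is load-bearing but carries no comment saying so: once the effective UID is no longer root the process generally cannot change its group, so swapping the two lines would make the group switch fail. I would add `/* drop egid first: after xseteuid() we may no longer be allowed to change the group */` above the pair. Only the effective IDs are changed in the visible lines and supplementary groups are not touched; the function body continues outside this hunk, so whether that matters for the later file creation cannot be judged here, but it deserves a sentence in a header comment on open_user_core. Since `uid`, `fsuid`, `fsgid` and `pid` are all integer typedefs, a transposed argument at a call site compiles silently, which is one more reason to document each parameter.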
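Review bot: `const int fsgid` holds a value that open_user_core receives as `gid_t`, which is unsigned on Linux, so a GID above INT_MAX would appear negative and take the `fsgid < 0` die path as if the Gid line were unparsable. That fails closed, but it means no crash handling at all for such a process; this assumes get_fsgid() returns int, which is not visible here, and the existing `tmp_fsuid` check just above appears to have the same shape. Consider having the parser report failure separately from the value, or at least record the limit with `/* get_fsgid() returns int; GIDs > INT_MAX are rejected as a parse error */`. The message also misplaces the closing quote; `"Can't parse 'Gid:' line in /proc/%lu/status"` reads correctly, although the current text mirrors the Uid message.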
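Review bot: The call passes `fsuid` next to an `fsgid` that is taken straight from /proc/PID/status with no corresponding adjustment, while `fsuid` is presumably the policy-adjusted value derived from `tmp_fsuid` in the `if (tmp_fsuid != uid)` block, whose body lies outside the visible hunks. If the suid policy substitutes the UID for set-id programs, the compat core would be created with that UID but the crashed process's group, and a setgid-only program (UIDs equal, group changed) would not reach the policy check at all. It is worth confirming that this combination is intended and stating it at the call, e.g. `/* fsgid is used as-is; dump_suid_policy() only governs fsuid */`, or extending the policy check to compare the group as well.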