mirror of https://github.com/vitalif/e2fsprogs
uuidd: Fix issues identified by SuSE's security team
SuSE's security team audited uuidd and came up with these issues. None of them are serious given that uuidd runs setuid as a unprivileged user which has no special access other than libuuid directory, but it's good to get them fixed. Signed-off-by: Matthias Koenig <mkoenig@suse.de> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>bitmap-optimize
parent
82e541885e
commit
4415b03eaa
46
misc/uuidd.c
46
misc/uuidd.c
|
@ -52,6 +52,12 @@ static void usage(const char *progname)
|
|||
exit(1);
|
||||
}
|
||||
|
||||
static void die(const char *msg)
|
||||
{
|
||||
perror(msg);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
static void create_daemon(void)
|
||||
{
|
||||
pid_t pid;
|
||||
|
@ -75,7 +81,8 @@ static void create_daemon(void)
|
|||
chdir("/");
|
||||
(void) setsid();
|
||||
euid = geteuid();
|
||||
(void) setreuid(euid, euid);
|
||||
if (setreuid(euid, euid) < 0)
|
||||
die("setreuid");
|
||||
}
|
||||
|
||||
static int read_all(int fd, char *buf, size_t count)
|
||||
|
@ -132,7 +139,8 @@ static int call_daemon(const char *socket_path, int op, char *buf,
|
|||
}
|
||||
|
||||
srv_addr.sun_family = AF_UNIX;
|
||||
strcpy(srv_addr.sun_path, socket_path);
|
||||
strncpy(srv_addr.sun_path, socket_path, sizeof(srv_addr.sun_path));
|
||||
srv_addr.sun_path[sizeof(srv_addr.sun_path)-1] = '\0';
|
||||
|
||||
if (connect(s, (const struct sockaddr *) &srv_addr,
|
||||
sizeof(struct sockaddr_un)) < 0) {
|
||||
|
@ -252,7 +260,8 @@ static void server_loop(const char *socket_path, const char *pidfile_path,
|
|||
* Create the address we will be binding to.
|
||||
*/
|
||||
my_addr.sun_family = AF_UNIX;
|
||||
strcpy(my_addr.sun_path, socket_path);
|
||||
strncpy(my_addr.sun_path, socket_path, sizeof(my_addr.sun_path));
|
||||
my_addr.sun_path[sizeof(my_addr.sun_path)-1] = '\0';
|
||||
(void) unlink(socket_path);
|
||||
save_umask = umask(0);
|
||||
if (bind(s, (const struct sockaddr *) &my_addr,
|
||||
|
@ -415,11 +424,11 @@ int main(int argc, char **argv)
|
|||
switch (c) {
|
||||
case 'd':
|
||||
debug++;
|
||||
drop_privs++;
|
||||
drop_privs = 1;
|
||||
break;
|
||||
case 'k':
|
||||
do_kill++;
|
||||
drop_privs++;
|
||||
drop_privs = 1;
|
||||
break;
|
||||
case 'n':
|
||||
num = strtol(optarg, &tmp, 0);
|
||||
|
@ -429,18 +438,18 @@ int main(int argc, char **argv)
|
|||
}
|
||||
case 'p':
|
||||
pidfile_path = optarg;
|
||||
drop_privs++;
|
||||
drop_privs = 1;
|
||||
break;
|
||||
case 'q':
|
||||
quiet++;
|
||||
break;
|
||||
case 's':
|
||||
socket_path = optarg;
|
||||
drop_privs++;
|
||||
drop_privs = 1;
|
||||
break;
|
||||
case 't':
|
||||
do_type = UUIDD_OP_TIME_UUID;
|
||||
drop_privs++;
|
||||
drop_privs = 1;
|
||||
break;
|
||||
case 'T':
|
||||
timeout = strtol(optarg, &tmp, 0);
|
||||
|
@ -451,7 +460,7 @@ int main(int argc, char **argv)
|
|||
break;
|
||||
case 'r':
|
||||
do_type = UUIDD_OP_RANDOM_UUID;
|
||||
drop_privs++;
|
||||
drop_privs = 1;
|
||||
break;
|
||||
default:
|
||||
usage(argv[0]);
|
||||
|
@ -460,15 +469,20 @@ int main(int argc, char **argv)
|
|||
uid = getuid();
|
||||
if (uid && drop_privs) {
|
||||
gid = getgid();
|
||||
#ifdef HAVE_SETRESUID
|
||||
setresuid(uid, uid, uid);
|
||||
#else
|
||||
setreuid(uid, uid);
|
||||
#endif
|
||||
#ifdef HAVE_SETRESGID
|
||||
setresgid(gid, gid, gid);
|
||||
if (setresgid(gid, gid, gid) < 0)
|
||||
die("setresgid");
|
||||
#else
|
||||
setregid(gid, gid);
|
||||
if (setregid(gid, gid) < 0)
|
||||
die("setregid");
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_SETRESUID
|
||||
if (setresuid(uid, uid, uid) < 0)
|
||||
die("setresuid");
|
||||
#else
|
||||
if (setreuid(uid, uid) < 0)
|
||||
die("setreuid");
|
||||
#endif
|
||||
}
|
||||
if (num && do_type) {
|
||||
|
|
Loading…
Reference in New Issue