From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id CBEBB138A1A for ; Sun, 15 Feb 2015 22:10:08 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 5B42EE0829; Sun, 15 Feb 2015 22:10:07 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id EE8D8E0829 for ; Sun, 15 Feb 2015 22:10:06 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id EF1C3340766 for ; Sun, 15 Feb 2015 22:10:05 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id A6A8111D68 for ; Sun, 15 Feb 2015 22:10:00 +0000 (UTC) From: "William Hubbs" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "William Hubbs" Message-ID: <1424037883.b17af3c85fc94ecc12857146ba2133a3782ead52.williamh@OpenRC> Subject: [gentoo-commits] proj/openrc:master commit in: src/rc/ X-VCS-Repository: proj/openrc X-VCS-Files: src/rc/checkpath.c X-VCS-Directories: src/rc/ X-VCS-Committer: williamh X-VCS-Committer-Name: William Hubbs X-VCS-Revision: b17af3c85fc94ecc12857146ba2133a3782ead52 X-VCS-Branch: master Date: Sun, 15 Feb 2015 22:10:00 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: dbe6b597-ca6c-492a-b899-a166f2da369b X-Archives-Hash: 4dedd4a521681d703818e18a9b032224 commit: b17af3c85fc94ecc12857146ba2133a3782ead52 Author: William Hubbs gmail com> AuthorDate: Sun Feb 15 20:56:07 2015 +0000 Commit: William Hubbs gentoo org> CommitDate: Sun Feb 15 22:04:43 2015 +0000 URL: http://sources.gentoo.org/gitweb/?p=proj/openrc.git;a=commit;h=b17af3c8 checkpath: security fix for -m and -o options Do not change permissions on the target if it is a file and has multiple hard links. This is necessary because a hard link can be an attack vector to gain privilege escalation. X-Gentoo-Bug: 540006 X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=540006 --- src/rc/checkpath.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/rc/checkpath.c b/src/rc/checkpath.c index 94ab474..b6f1d6a 100644 --- a/src/rc/checkpath.c +++ b/src/rc/checkpath.c @@ -133,6 +133,10 @@ static int do_check(char *path, uid_t uid, gid_t gid, mode_t mode, } if (mode && (st.st_mode & 0777) != mode) { + if ((type != inode_dir) && (st.st_nlink != 1)) { + eerror("%s: chown: %s %s", applet, "Too many hard links to", path); + return -1; + } einfo("%s: correcting mode", path); if (chmod(path, mode)) { eerror("%s: chmod: %s", applet, strerror(errno)); @@ -141,6 +145,10 @@ static int do_check(char *path, uid_t uid, gid_t gid, mode_t mode, } if (chowner && (st.st_uid != uid || st.st_gid != gid)) { + if ((type != inode_dir) && (st.st_nlink != 1)) { + eerror("%s: chown: %s %s", applet, "Too many hard links to", path); + return -1; + } einfo("%s: correcting owner", path); if (chown(path, uid, gid)) { eerror("%s: chown: %s", applet, strerror(errno));