public inbox for gentoo-commits@lists.gentoo.org
* [gentoo-commits] gentoo-x86 commit in app-admin/bcfg2/files: bcfg2-1.2.2-CVE-2012-3366-Trigger-plugin.patch
@ 2012-06-29  6:28 Michael Weber (xmw)
From: Michael Weber (xmw) @ 2012-06-29  6:28 UTC
  To: gentoo-commits

xmw         12/06/29 06:28:40

  Added:                bcfg2-1.2.2-CVE-2012-3366-Trigger-plugin.patch
  Log:
  Revbump to fix trigger plugin security problem (bug 424025)
  
  (Portage version: 2.1.11.3/cvs/Linux x86_64)

Revision  Changes    Path
1.1                  app-admin/bcfg2/files/bcfg2-1.2.2-CVE-2012-3366-Trigger-plugin.patch

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/bcfg2/files/bcfg2-1.2.2-CVE-2012-3366-Trigger-plugin.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-admin/bcfg2/files/bcfg2-1.2.2-CVE-2012-3366-Trigger-plugin.patch?rev=1.1&content-type=text/plain

Index: bcfg2-1.2.2-CVE-2012-3366-Trigger-plugin.patch
===================================================================
Downloaded from http://trac.mcs.anl.gov/projects/bcfg2/changeset/a524967e8d5c4c22e49cd619aed20c87a316c0be/

Index: src/lib/Server/Plugins/Trigger.py
===================================================================
--- src/lib/Server/Plugins/Trigger.py	(revision bf5040f75e71e25af0b9b5c2a9c098c5933d4acc)
+++ src/lib/Server/Plugins/Trigger.py	(revision a524967e8d5c4c22e49cd619aed20c87a316c0be)
@@ -1,16 +1,6 @@
 import os
+import pipes
 import Bcfg2.Server.Plugin
-
-
-def async_run(prog, args):
-    pid = os.fork()
-    if pid:
-        os.waitpid(pid, 0)
-    else:
-        dpid = os.fork()
-        if not dpid:
-            os.system(" ".join([prog] + args))
-        os._exit(0)
-
+from subprocess import Popen, PIPE
 
 class Trigger(Bcfg2.Server.Plugin.Plugin,
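Review bot: The new `from subprocess import Popen, PIPE` line sits below `import Bcfg2.Server.Plugin`, so standard-library and project imports are now interleaved; move it up beside `import os` and `import pipes`. With the module-level function gone, only one blank line is left before `class Trigger(...)`; keep two there.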
@@ -31,8 +21,29 @@
             raise Bcfg2.Server.Plugin.PluginInitError
 
+    def async_run(self, args):
+        pid = os.fork()
+        if pid:
+            os.waitpid(pid, 0)
+        else:
+            dpid = os.fork()
+            if not dpid:
+                self.debug_log("Running %s" % " ".join(pipes.quote(a)
+                                                       for a in args))
+                proc = Popen(args, stdin=PIPE, stdout=PIPE, stderr=PIPE)
+                (out, err) = proc.communicate()
+                rv = proc.wait()
+                if rv != 0:
+                    self.logger.error("Trigger: Error running %s (%s): %s" %
+                                      (args[0], rv, err))
+                elif err:
+                    self.debug_log("Trigger: Error: %s" % err)
+            os._exit(0)
+
     def process_statistics(self, metadata, _):
         args = [metadata.hostname, '-p', metadata.profile, '-g',
                 ':'.join([g for g in metadata.groups])]
+        self.debug_log("running triggers")
         for notifier in os.listdir(self.data):
+            self.debug_log("running %s" % notifier)
             if ((notifier[-1] == '~') or
                 (notifier[:2] == '.#') or
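Review bot: In `async_run`, an exception raised by `Popen(args, ...)` in the grandchild (for example `OSError` when the trigger file cannot be executed) skips `os._exit(0)`, so the forked copy of the server process continues up the call stack instead of exiting. Wrap the body of `if not dpid:` in try/finally, or catch and log the exception, so that `os._exit(0)` is always reached. Two smaller points: `proc.wait()` after `proc.communicate()` is redundant because `proc.returncode` is already set, and `self.debug_log("running %s" % notifier)` in `process_statistics` fires before the name filter that starts on the next line, so it also logs entries that are not run.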
@@ -40,5 +51,4 @@
                 (notifier in ['SCCS', '.svn', '4913'])):
                 continue
-            npath = self.data + '/' + notifier
-            self.logger.debug("Running %s %s" % (npath, " ".join(args)))
-            async_run(npath, args)
+            npath = os.path.join(self.data, notifier)
+            self.async_run([npath] + args)
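Review bot: `self.async_run([npath] + args)` is called for every directory entry that passes the name filter, with no check that `npath` is a regular file with the execute bit set, so a subdirectory or a non-executable file under `self.data` reaches `Popen` and fails there. Consider skipping entries unless `os.path.isfile(npath) and os.access(npath, os.X_OK)`, and logging which entries were skipped.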







* [gentoo-commits] gentoo-x86 commit in app-admin/bcfg2/files: bcfg2-1.2.2-CVE-2012-3366-Trigger-plugin.patch
@ 2013-12-23  0:35 Tom Wijsman (tomwij)
From: Tom Wijsman (tomwij) @ 2013-12-23  0:35 UTC
  To: gentoo-commits

tomwij      13/12/23 00:35:07

  Removed:              bcfg2-1.2.2-CVE-2012-3366-Trigger-plugin.patch
  Log:
  [QA] Remove unused files.
  
  (Portage version: HEAD/cvs/Linux x86_64, signed Manifest commit with key 6D34E57D)


