SOURCES: vixie-cron-sgid-crontab.patch - updated (but it's just co...
prism
prism at pld-linux.org
Mon Jul 25 12:46:20 CEST 2005
Author: prism Date: Mon Jul 25 10:46:20 2005 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- updated (but it's just cosmetics now, maybe it's not so needed)
---- Files affected:
SOURCES:
vixie-cron-sgid-crontab.patch (1.1 -> 1.2)
---- Diffs:
================================================================
Index: SOURCES/vixie-cron-sgid-crontab.patch
diff -u SOURCES/vixie-cron-sgid-crontab.patch:1.1 SOURCES/vixie-cron-sgid-crontab.patch:1.2
--- SOURCES/vixie-cron-sgid-crontab.patch:1.1 Fri Aug 15 11:35:02 2003
+++ SOURCES/vixie-cron-sgid-crontab.patch Mon Jul 25 12:46:14 2005
@@ -1,140 +1,29 @@
---- vixie-cron-3.0.1/database.c.orig 2003-08-15 10:32:02.000000000 +0200
-+++ vixie-cron-3.0.1/database.c 2003-08-15 10:36:17.000000000 +0200
-@@ -24,7 +24,9 @@
-
-
- #include "cron.h"
-+#define __USE_GNU
- #include <fcntl.h>
-+#undef __USE_GNU
- #include <sys/stat.h>
- #include <sys/file.h>
-
-@@ -209,8 +211,28 @@
- log_it(fname, getpid(), "ORPHAN", "no passwd entry");
+diff -uNr vixie-cron-4.1.p21/database.c vixie-cron-4.1/database.c
+--- vixie-cron-4.1.p21/database.c 2005-07-24 22:39:30.000000000 +0200
++++ vixie-cron-4.1/database.c 2005-07-24 23:50:09.000000000 +0200
+@@ -234,7 +234,12 @@
goto next_crontab;
}
+
+#ifdef __linux
-+/*
-+ * Linux 2.2+, glibc 2.1+.
-+ *
-+ * This and the checks below are an attempt to reduce the damage that
-+ * can be done by someone with write access to the crontab directory.
-+ * Once the crontab binary is no longer SUID root, a vulnerability in
-+ * crontab wouldn't provide root access any longer, so it makes sense
-+ * for cron to not trust the directory contents.
-+ */
-+ if ((crontab_fd = open(tabname, O_RDONLY | O_NOFOLLOW, 0)) < OK) {
+ if ((crontab_fd = open(tabname, O_RDONLY|O_NONBLOCK|O_NOFOLLOW, 0)) < OK) {
+#else
-+/*
-+ * XXX: should use lstat before open and a dev/ino check afterwards.
-+ * In fact, that would be helpful with O_NOFOLLOW as well due to the
-+ * side-effects on open and possibility for device hard links. (Write
-+ * access to the crontab directory implies DoS possibilities for cron,
-+ * but doesn't have to allow for new attacks on the rest of the system.)
-+ */
-
- if ((crontab_fd = open(tabname, O_RDONLY, 0)) < OK) {
++ if ((crontab_fd = open(tabname, O_RDONLY, 0)) < OK) {
+#endif
++
/* crontab not accessible?
*/
log_it(fname, getpid(), "CAN'T OPEN", tabname);
-@@ -222,6 +244,26 @@
- goto next_crontab;
- }
-
-+ if (pw &&
-+ statbuf->st_uid != pw->pw_uid &&
-+ statbuf->st_uid != ROOT_UID) {
-+ log_it(fname, getpid(), "WRONG FILE OWNER", tabname);
-+ goto next_crontab;
-+ }
-+
-+/*
-+ * The link count check is not sufficient (the owner may delete their
-+ * original link, reducing the link count back to 1), but this is all
-+ * we've got.
-+ */
-+ if (pw &&
-+ (!S_ISREG(statbuf->st_mode) ||
-+ statbuf->st_nlink != 1 ||
-+ (statbuf->st_mode & 07777) != 0600)) {
-+ log_it(fname, getpid(), "WRONG INODE INFO", tabname);
-+ goto next_crontab;
-+ }
-+
- Debug(DLOAD, ("\t%s:", fname))
- u = find_user(old_db, fname);
- if (u != NULL) {
---- vixie-cron-3.0.1/misc.c.orig 2003-08-15 10:36:23.000000000 +0200
-+++ vixie-cron-3.0.1/misc.c 2003-08-15 10:38:04.000000000 +0200
-@@ -655,10 +655,21 @@
-
-
- #ifdef HAVE_SAVED_SUIDS
--static int save_euid;
--int swap_uids() { save_euid = geteuid(); return seteuid(getuid()); }
--int swap_uids_back() { return seteuid(save_euid); }
-+static uid_t save_euid, save_egid;
-+int swap_uids()
-+{
-+ save_euid = geteuid(); save_egid = getegid();
-+ return (setegid(getgid()) || seteuid(getuid())) ? -1 : 0;
-+}
-+int swap_uids_back()
-+{
-+ return (setegid(save_egid) || seteuid(save_euid)) ? -1 : 0;
-+}
- #else /*HAVE_SAVED_UIDS*/
--int swap_uids() { return setreuid(geteuid(), getuid()); }
-+int swap_uids()
-+{
-+ return (setregid(getegid(), getgid()) || setreuid(geteuid(), getuid()))
-+ ? -1 : 0;
-+}
- int swap_uids_back() { return swap_uids(); }
- #endif /*HAVE_SAVED_UIDS*/
---- vixie-cron-3.0.1/crontab.c.orig 2003-08-15 10:45:52.000000000 +0200
-+++ vixie-cron-3.0.1/crontab.c 2003-08-15 10:47:45.000000000 +0200
-@@ -103,7 +103,6 @@
- setlinebuf(stderr);
+diff -uNr vixie-cron-4.1.p21/externs.h vixie-cron-4.1/externs.h
+--- vixie-cron-4.1.p21/externs.h 2005-07-23 12:40:30.000000000 +0200
++++ vixie-cron-4.1/externs.h 2005-07-24 23:46:21.000000000 +0200
+@@ -36,7 +36,9 @@
#endif
- parse_args(argc, argv); /* sets many globals, opens a file */
-- set_cron_uid();
- set_cron_cwd();
- if (!allowed(User)) {
- fprintf(stderr,
-@@ -410,6 +409,10 @@
- goto fatal;
- case 0:
- /* child */
-+ if (setgid(getgid()) < 0) {
-+ perror("setgid(getgid())");
-+ exit(ERROR_EXIT);
-+ }
- if (setuid(saved_uid) < 0) {
- perror("setuid(getuid())");
- exit(ERROR_EXIT);
-@@ -507,6 +510,7 @@
- FILE *tmp;
- int ch, eof;
- entry *e;
-+ uid_t file_owner;
- time_t now = time(NULL);
- char **envp = env_init();
-
-@@ -570,11 +574,12 @@
- fclose(tmp); unlink(tn);
- return (-1);
- }
-+ file_owner = (getgid() == getegid()) ? ROOT_UID : pw->pw_uid;
-
- #ifdef HAS_FCHOWN
-- if (fchown(fileno(tmp), ROOT_UID, -1) < OK)
-+ if (fchown(fileno(tmp), file_owner, -1) < OK)
- #else
-- if (chown(tn, ROOT_UID, -1) < OK)
-+ if (chown(TempFilename, file_owner, -1) < OK)
- #endif
- {
- perror("chown");
+ #include <dirent.h>
+ #include <errno.h>
++#define __USE_GNU
+ #include <fcntl.h>
++#undef __USE_GNU
+ #include <grp.h>
+ #include <locale.h>
+ #include <pwd.h>
================================================================
---- CVS-web:
http://cvs.pld-linux.org/SOURCES/vixie-cron-sgid-crontab.patch?r1=1.1&r2=1.2&f=u
More information about the pld-cvs-commit
mailing list