openSUSE:Evergreen:11.1:Test
File 0.25.x-9794-k5login-can-overwrite-arbitrary-files-as-root.patch of Package puppet
From a4333c110ad084f205605708eaab52ad243d6c86 Mon Sep 17 00:00:00 2001 From: Daniel Pittman <daniel@puppetlabs.com> Date: Thu, 29 Sep 2011 00:26:13 -0700 Subject: [PATCH] (#9794) k5login can overwrite arbitrary files as root The k5login type is typically used to manage a file in the home directory of a user; the explicit purpose of the files is to allow access to other users. It writes to the target file directly, as root, without doing anything to secure the file. That would allow the owner of the home directory to symlink to anything on the system, and have it replaced with the correct content of the file. Which is a fairly obvious escalation to root the next time Puppet runs. Now, instead, fix that to securely write the target file in a predictable and secure fashion, using the `secure_open` helper. Signed-off-by: Daniel Pittman <daniel@puppetlabs.com> --- lib/puppet/type/k5login.rb | 4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) diff --git a/lib/puppet/type/k5login.rb b/lib/puppet/type/k5login.rb index 5526fda..b13b34d 100644 --- a/lib/puppet/type/k5login.rb +++ b/lib/puppet/type/k5login.rb @@ -81,7 +81,9 @@ Puppet::Type.newtype(:k5login) do private def write(value) - File.open(@resource[:name], "w") { |f| f.puts value.join("\n") } + Puppet::Util.secure_open(@resource[:name], "w") do |f| + f.puts value.join("\n") + end end end end -- 1.7.6.4
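Review bot: the rewritten `write` in lib/puppet/type/k5login.rb carries no comment explaining why `Puppet::Util.secure_open` replaces `File.open`, and the diffstat shows only this one file changed, so no spec covers the fix. A short comment above the call, saying that the target sits in a directory its owner controls and must not be written through a symlink, would stop a later cleanup from reverting it. A regression spec should place a symlink at `@resource[:name]`, run the write, and assert that the link's target is unchanged. The fix also rests entirely on the helper, whose body is not part of this patch: the call passes only the path and "w", so it is worth confirming in review how `secure_open` treats a link that already exists at that path and what ownership and mode the resulting file ends up with.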