Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.2:Test
libcap
libcap-CVE-2011-4099.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libcap-CVE-2011-4099.diff of Package libcap
From af725c50c2930485947bd958dbdf984faf8fc1ba Mon Sep 17 00:00:00 2001 From: "Andrew G. Morgan" <morgan@kernel.org> Date: Sun, 24 Jul 2011 19:17:25 -0700 Subject: [PATCH] Change directory to "/" after --chroot operation. Thanks to Steve Grubb for suggesting this. He wrote: ========= I was reviewing something recently and discovered a problem in capsh. The capsh program has a --chroot command line option. Inspecting the code shows that it does not do a chdir("/") after calling chroot. This means that '.' is outside the chroot. Additional info: http://cwe.mitre.org/data/definitions/243.html ========= Signed-off-by: Andrew G. Morgan <morgan@kernel.org> --- progs/capsh.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) --- a/progs/capsh.c +++ b/progs/capsh.c @@ -243,10 +243,16 @@ perror("unable to lower CAP_SYS_CHROOT"); exit(1); } + /* + * Given we are now in a new directory tree, its good practice + * to start off in a sane location + */ + status = chdir("/"); + cap_free(orig); if (status != 0) { - fprintf(stderr, "Unable to chroot to [%s]", argv[i]+9); + fprintf(stderr, "Unable to chroot/chdir to [%s]", argv[i]+9); exit(1); } } else if (!memcmp("--secbits=", argv[i], 10)) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor