Overview

File CVE-2011-1835.patch of Package ecryptfs-utils.import5541

Description: fix key poisoning via insecure temp directory handling
Author: Marc Deslauriers <marc.deslauriers@canonical.com>
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/732628

Index: ecryptfs-utils-87/src/utils/ecryptfs-setup-private
===================================================================
--- ecryptfs-utils-87.orig/src/utils/ecryptfs-setup-private	2011-07-29 13:04:35.039423874 -0400
+++ ecryptfs-utils-87/src/utils/ecryptfs-setup-private	2011-07-29 13:05:03.769423866 -0400
@@ -380,7 +380,7 @@
 	# ramdisk, to keep it from leaking to the hard-drive.
 	temp=`mktemp /dev/shm/.ecryptfs-XXXXXX`
 	printf "%s" "$MOUNTPASS" > "$temp"
-	mv "$temp" "/dev/shm/.ecryptfs-$USER"
+	mv -f -T "$temp" "/dev/shm/.ecryptfs-$USER" || error "Could not create passphrase file"
 else
 	printf "%s\n%s" "$MOUNTPASS" "$LOGINPASS" | ecryptfs-wrap-passphrase "$HOME/.ecryptfs/wrapped-passphrase" - || error "$(gettext 'Could not wrap passphrase')"
 fi
openSUSE Build Service is sponsored by
Places