File ecryptfs-utils-CVE-2011-3145.patch of Package ecryptfs-utils.import5541
Index: ecryptfs-utils-83/src/utils/mount.ecryptfs_private.c
===================================================================
--- ecryptfs-utils-83.orig/src/utils/mount.ecryptfs_private.c
+++ ecryptfs-utils-83/src/utils/mount.ecryptfs_private.c
@@ -221,12 +221,14 @@ int update_mtab(char *dev, char *mnt, ch
int fd;
FILE *old_mtab, *new_mtab;
struct mntent *old_ent, new_ent;
+ mode_t old_umask;
/* Make an attempt to play nice with other mount helpers
* by creating an /etc/mtab~ lock file. Of course this
* only works if those other helpers actually check for
* this.
*/
+ old_umask = umask(0333);
fd = open("/etc/mtab~", O_RDONLY | O_CREAT | O_EXCL, 0644);
if (fd < 0) {
perror("open");
@@ -279,6 +281,8 @@ int update_mtab(char *dev, char *mnt, ch
unlink("/etc/mtab~");
+ umask(old_umask);
+
return 0;
fail:
@@ -288,6 +292,7 @@ fail_late:
fail_early:
endmntent(old_mtab);
unlink("/etc/mtab~");
+ umask(old_umask);
return 1;
}
@@ -424,7 +429,7 @@ int zero(FILE *fh) {
* c) updating /etc/mtab
*/
int main(int argc, char *argv[]) {
- int uid, mounting;
+ int uid, gid, mounting;
int force = 0;
int fnek = 1;
struct passwd *pwd;
@@ -433,6 +438,7 @@ int main(int argc, char *argv[]) {
FILE *fh_counter = NULL;
uid = getuid();
+ gid = getgid();
/* Non-privileged effective uid is sufficient for all but the code
* that mounts, unmounts, and updates /etc/mtab.
* Run at a lower privilege until we need it.
@@ -549,7 +555,16 @@ int main(int argc, char *argv[]) {
* the real uid to be that of the user.
* And we need the effective uid to be root in order to mount.
*/
- setreuid(-1, 0);
+ if (setreuid(-1, 0) < 0) {
+ perror("setreuid");
+ return 1;
+ }
+ if (setregid(-1, 0) < 0) {
+ perror("setregid");
+ setreuid(uid, uid);
+ return 1;
+ }
+
/* Perform mount */
if (mount(dev, ".", FSTYPE, 0, opt) == 0) {
if (update_mtab(dev, mnt, opt) != 0) {
@@ -561,6 +576,9 @@ int main(int argc, char *argv[]) {
if (setreuid(uid, uid) < 0) {
perror("setreuid");
}
+ if (setregid(gid, gid) < 0) {
+ perror("setregid");
+ }
goto fail;
}
} else {
@@ -581,6 +599,7 @@ int main(int argc, char *argv[]) {
* Do not use the umount.ecryptfs helper (-i).
*/
setresuid(0,0,0);
+ setresgid(0,0,0);
execl("/bin/umount", "umount", "-i", "-l", ".", NULL);
perror("execl unmount failed");
goto fail;