|
 |
25e938 |
diff -up ecryptfs-utils-90/src/utils/mount.ecryptfs_private.c.CVE-2011-3145 ecryptfs-utils-90/src/utils/mount.ecryptfs_private.c
|
|
|
25e938 |
--- ecryptfs-utils-90/src/utils/mount.ecryptfs_private.c.CVE-2011-3145 2011-08-31 12:08:26.479493949 +0200
|
|
|
25e938 |
+++ ecryptfs-utils-90/src/utils/mount.ecryptfs_private.c 2011-08-31 12:10:09.014666213 +0200
|
|
|
25e938 |
@@ -274,12 +274,14 @@ int update_mtab(char *dev, char *mnt, ch
|
|
|
25e938 |
int fd;
|
|
|
25e938 |
FILE *old_mtab, *new_mtab;
|
|
|
25e938 |
struct mntent *old_ent, new_ent;
|
|
|
25e938 |
+ mode_t old_umask;
|
|
|
25e938 |
|
|
|
25e938 |
/* Make an attempt to play nice with other mount helpers
|
|
|
25e938 |
* by creating an /etc/mtab~ lock file. Of course this
|
|
|
25e938 |
* only works if those other helpers actually check for
|
|
|
25e938 |
* this.
|
|
|
25e938 |
*/
|
|
|
25e938 |
+ old_umask = umask(033);
|
|
|
25e938 |
fd = open("/etc/mtab~", O_RDONLY | O_CREAT | O_EXCL, 0644);
|
|
|
25e938 |
if (fd < 0) {
|
|
|
25e938 |
perror("open");
|
|
|
25e938 |
@@ -332,6 +334,8 @@ int update_mtab(char *dev, char *mnt, ch
|
|
|
25e938 |
|
|
|
25e938 |
unlink("/etc/mtab~");
|
|
|
25e938 |
|
|
|
25e938 |
+ umask(old_umask);
|
|
|
25e938 |
+
|
|
|
25e938 |
return 0;
|
|
|
25e938 |
|
|
|
25e938 |
fail:
|
|
|
25e938 |
@@ -341,6 +345,7 @@ fail_late:
|
|
|
25e938 |
fail_early:
|
|
|
25e938 |
endmntent(old_mtab);
|
|
|
25e938 |
unlink("/etc/mtab~");
|
|
|
25e938 |
+ umask(old_umask);
|
|
|
25e938 |
return 1;
|
|
|
25e938 |
}
|
|
|
25e938 |
|
|
|
25e938 |
@@ -476,7 +481,7 @@ int zero(FILE *fh) {
|
|
|
25e938 |
* c) updating /etc/mtab
|
|
|
25e938 |
*/
|
|
|
25e938 |
int main(int argc, char *argv[]) {
|
|
|
25e938 |
- int uid, mounting;
|
|
|
25e938 |
+ int uid, gid, mounting;
|
|
|
25e938 |
int force = 0;
|
|
|
25e938 |
struct passwd *pwd;
|
|
|
25e938 |
char *alias, *src, *dest, *opt, *opts2;
|
|
|
25e938 |
@@ -491,6 +496,7 @@ int main(int argc, char *argv[]) {
|
|
|
25e938 |
}
|
|
|
25e938 |
|
|
|
25e938 |
uid = getuid();
|
|
|
25e938 |
+ gid = getgid();
|
|
|
25e938 |
/* Non-privileged effective uid is sufficient for all but the code
|
|
|
25e938 |
* that mounts, unmounts, and updates /etc/mtab.
|
|
|
25e938 |
* Run at a lower privilege until we need it.
|
|
|
25e938 |
@@ -618,7 +624,14 @@ int main(int argc, char *argv[]) {
|
|
|
25e938 |
* the real uid to be that of the user.
|
|
|
25e938 |
* And we need the effective uid to be root in order to mount.
|
|
|
25e938 |
*/
|
|
|
25e938 |
- setreuid(-1, 0);
|
|
|
25e938 |
+ if (setreuid(-1, 0) < 0) {
|
|
|
25e938 |
+ perror("setreuid");
|
|
|
25e938 |
+ goto fail;
|
|
|
25e938 |
+ }
|
|
|
25e938 |
+ if (setregid(-1, 0) < 0) {
|
|
|
25e938 |
+ perror("setregid");
|
|
|
25e938 |
+ goto fail;
|
|
|
25e938 |
+ }
|
|
|
25e938 |
/* Perform mount */
|
|
|
25e938 |
if (mount(src, ".", FSTYPE, 0, opt) == 0) {
|
|
|
25e938 |
if (update_mtab(src, dest, opt) != 0) {
|
|
|
25e938 |
@@ -630,6 +643,9 @@ int main(int argc, char *argv[]) {
|
|
|
25e938 |
if (setreuid(uid, uid) < 0) {
|
|
|
25e938 |
perror("setreuid");
|
|
|
25e938 |
}
|
|
|
25e938 |
+ if (setregid(gid, gid) < 0) {
|
|
|
25e938 |
+ perror("setregid");
|
|
|
25e938 |
+ }
|
|
|
25e938 |
goto fail;
|
|
|
25e938 |
}
|
|
|
25e938 |
} else {
|
|
|
25e938 |
@@ -665,6 +681,7 @@ int main(int argc, char *argv[]) {
|
|
|
25e938 |
* Do not use the umount.ecryptfs helper (-i).
|
|
|
25e938 |
*/
|
|
|
25e938 |
setresuid(0,0,0);
|
|
|
25e938 |
+ setresgid(0,0,0);
|
|
|
25e938 |
|
|
|
25e938 |
/* Since we're doing a lazy unmount anyway, just unmount the current
|
|
|
25e938 |
* directory. This avoids a lot of complexity in dealing with race
|