rpms / ecryptfs-utils

Clone
Source Code
GIT

Files

  1.   35f512705bb33a389fb6487997733cde3b58370a
  2.   ecryptfs-utils-90-CVE-2011-3145.patch
Blob Blame History Raw 
diff -up ecryptfs-utils-90/src/utils/mount.ecryptfs_private.c.CVE-2011-3145 ecryptfs-utils-90/src/utils/mount.ecryptfs_private.c
--- ecryptfs-utils-90/src/utils/mount.ecryptfs_private.c.CVE-2011-3145	2011-08-31 12:08:26.479493949 +0200
+++ ecryptfs-utils-90/src/utils/mount.ecryptfs_private.c	2011-08-31 12:10:09.014666213 +0200
@@ -274,12 +274,14 @@ int update_mtab(char *dev, char *mnt, ch
 	int fd;
 	FILE *old_mtab, *new_mtab;
 	struct mntent *old_ent, new_ent;
+	mode_t old_umask;
 
 	/* Make an attempt to play nice with other mount helpers
 	 * by creating an /etc/mtab~ lock file. Of course this
 	 * only works if those other helpers actually check for
 	 * this.
 	 */
+	old_umask = umask(033);
 	fd = open("/etc/mtab~", O_RDONLY | O_CREAT | O_EXCL, 0644);
 	if (fd < 0) {
 		perror("open");
@@ -332,6 +334,8 @@ int update_mtab(char *dev, char *mnt, ch
 
 	unlink("/etc/mtab~");
 
+	umask(old_umask);
+
 	return 0;
 
 fail:
@@ -341,6 +345,7 @@ fail_late:
 fail_early:
 	endmntent(old_mtab);
 	unlink("/etc/mtab~");
+	umask(old_umask);
 	return 1;
 }
 
@@ -476,7 +481,7 @@ int zero(FILE *fh) {
  *  c) updating /etc/mtab
  */
 int main(int argc, char *argv[]) {
-	int uid, mounting;
+	int uid, gid, mounting;
 	int force = 0;
 	struct passwd *pwd;
 	char *alias, *src, *dest, *opt, *opts2;
@@ -491,6 +496,7 @@ int main(int argc, char *argv[]) {
 	}
 	
 	uid = getuid();
+	gid = getgid();
 	/* Non-privileged effective uid is sufficient for all but the code
  	 * that mounts, unmounts, and updates /etc/mtab.
 	 * Run at a lower privilege until we need it.
@@ -618,7 +624,14 @@ int main(int argc, char *argv[]) {
 		 * the real uid to be that of the user.
 		 * And we need the effective uid to be root in order to mount.
 		 */
-		setreuid(-1, 0);
+		if (setreuid(-1, 0) < 0) {
+			perror("setreuid");
+			goto fail;
+		}
+		if (setregid(-1, 0) < 0) {
+			perror("setregid");
+			goto fail;
+		}
  		/* Perform mount */
 		if (mount(src, ".", FSTYPE, 0, opt) == 0) {
 			if (update_mtab(src, dest, opt) != 0) {
@@ -630,6 +643,9 @@ int main(int argc, char *argv[]) {
 			if (setreuid(uid, uid) < 0) {
 				perror("setreuid");
 			}
+			if (setregid(gid, gid) < 0) {
+				perror("setregid");
+			}
 			goto fail;
 		}
 	} else {
@@ -665,6 +681,7 @@ int main(int argc, char *argv[]) {
 		 * Do not use the umount.ecryptfs helper (-i).
  		 */
 		setresuid(0,0,0);
+		setresgid(0,0,0);
 
 		/* Since we're doing a lazy unmount anyway, just unmount the current
 		 * directory. This avoids a lot of complexity in dealing with race

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation