|
 |
43fe83 |
From e93e8db21dfe3d62aa3f4684c3729de51b729feb Mon Sep 17 00:00:00 2001
|
|
|
43fe83 |
Message-Id: <e93e8db21dfe3d62aa3f4684c3729de51b729feb.1383321464.git.jdenemar@redhat.com>
|
|
|
43fe83 |
From: "Daniel P. Berrange" <berrange@redhat.com>
|
|
|
43fe83 |
Date: Wed, 30 Oct 2013 17:01:43 +0000
|
|
|
43fe83 |
Subject: [PATCH] Close all non-stdio FDs in virt-login-shell
|
|
|
43fe83 |
|
|
|
43fe83 |
CVE-2013-4400
|
|
|
43fe83 |
|
|
|
43fe83 |
We don't want to inherit any FDs in the new namespace
|
|
|
43fe83 |
except for the stdio FDs. Explicitly close them all,
|
|
|
43fe83 |
just in case some do not have the close-on-exec flag
|
|
|
43fe83 |
set.
|
|
|
43fe83 |
|
|
|
43fe83 |
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
|
|
|
43fe83 |
(cherry picked from commit b7fcc799ad5d8f3e55b89b94e599903e3c092467)
|
|
|
43fe83 |
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
|
|
43fe83 |
---
|
|
|
43fe83 |
tools/virt-login-shell.c | 12 ++++++++++++
|
|
|
43fe83 |
1 file changed, 12 insertions(+)
|
|
|
43fe83 |
|
|
|
43fe83 |
diff --git a/tools/virt-login-shell.c b/tools/virt-login-shell.c
|
|
|
43fe83 |
index 1157cd0..c2c9947 100644
|
|
|
43fe83 |
--- a/tools/virt-login-shell.c
|
|
|
43fe83 |
+++ b/tools/virt-login-shell.c
|
|
|
43fe83 |
@@ -308,6 +308,18 @@ main(int argc, char **argv)
|
|
|
43fe83 |
if (cpid == 0) {
|
|
|
43fe83 |
pid_t ccpid;
|
|
|
43fe83 |
|
|
|
43fe83 |
+ int openmax = sysconf(_SC_OPEN_MAX);
|
|
|
43fe83 |
+ int fd;
|
|
|
43fe83 |
+ if (openmax < 0) {
|
|
|
43fe83 |
+ virReportSystemError(errno, "%s",
|
|
|
43fe83 |
+ _("sysconf(_SC_OPEN_MAX) failed"));
|
|
|
43fe83 |
+ return EXIT_FAILURE;
|
|
|
43fe83 |
+ }
|
|
|
43fe83 |
+ for (fd = 3; fd < openmax; fd++) {
|
|
|
43fe83 |
+ int tmpfd = fd;
|
|
|
43fe83 |
+ VIR_MASS_CLOSE(tmpfd);
|
|
|
43fe83 |
+ }
|
|
|
43fe83 |
+
|
|
|
43fe83 |
/* Fork once because we don't want to affect
|
|
|
43fe83 |
* virt-login-shell's namespace itself
|
|
|
43fe83 |
*/
|
|
|
43fe83 |
--
|
|
|
43fe83 |
1.8.4.2
|
|
|
43fe83 |
|