checkpath: security fix for -m and -o options
Do not change permissions on the target if it is a file and has multiple hard links. This is necessary because a hard link can be an attack vector to gain privilege escalation. X-Gentoo-Bug: 540006 X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=540006
This commit is contained in:
parent
3100114bc1
commit
b17af3c85f
@ -133,6 +133,10 @@ static int do_check(char *path, uid_t uid, gid_t gid, mode_t mode,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (mode && (st.st_mode & 0777) != mode) {
|
if (mode && (st.st_mode & 0777) != mode) {
|
||||||
|
if ((type != inode_dir) && (st.st_nlink != 1)) {
|
||||||
|
eerror("%s: chown: %s %s", applet, "Too many hard links to", path);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
einfo("%s: correcting mode", path);
|
einfo("%s: correcting mode", path);
|
||||||
if (chmod(path, mode)) {
|
if (chmod(path, mode)) {
|
||||||
eerror("%s: chmod: %s", applet, strerror(errno));
|
eerror("%s: chmod: %s", applet, strerror(errno));
|
||||||
@ -141,6 +145,10 @@ static int do_check(char *path, uid_t uid, gid_t gid, mode_t mode,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (chowner && (st.st_uid != uid || st.st_gid != gid)) {
|
if (chowner && (st.st_uid != uid || st.st_gid != gid)) {
|
||||||
|
if ((type != inode_dir) && (st.st_nlink != 1)) {
|
||||||
|
eerror("%s: chown: %s %s", applet, "Too many hard links to", path);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
einfo("%s: correcting owner", path);
|
einfo("%s: correcting owner", path);
|
||||||
if (chown(path, uid, gid)) {
|
if (chown(path, uid, gid)) {
|
||||||
eerror("%s: chown: %s", applet, strerror(errno));
|
eerror("%s: chown: %s", applet, strerror(errno));
|
||||||
|
Loading…
Reference in New Issue
Block a user