fffa5dcc99
escalation via virt-login-shell
ae53e5d1-CVE-2013-4400.patch, 8c3586ea-CVE-2013-4400.patch,
b7fcc799a-CVE-2013-4400.patch, 3e2f27e1-CVE-2013-4400.patch,
CVE-2013-4400-build-fix.patch
bnc#837609
- CVE-2013-4401: Fix perms for virConnectDomainXML{To,From}Native
57687fd6-CVE-2013-4401.patch
bnc#845704
OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=315
97 lines
2.6 KiB
Diff
97 lines
2.6 KiB
Diff
commit ae53e5d10e434e07079d7e3ba11ec654ba6a256e
|
|
Author: Daniel P. Berrange <berrange@redhat.com>
|
|
Date: Wed Oct 9 10:52:39 2013 +0100
|
|
|
|
Add helpers for getting env vars in a setuid environment
|
|
|
|
Care must be taken accessing env variables when running
|
|
setuid. Introduce a virGetEnvAllowSUID for env vars which
|
|
are safe to use in a setuid environment, and another
|
|
virGetEnvBlockSUID for vars which are not safe. Also add
|
|
a virIsSUID helper method for any other non-env var code
|
|
to use.
|
|
|
|
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
|
|
|
|
Index: libvirt-1.1.2/src/libvirt_private.syms
|
|
===================================================================
|
|
--- libvirt-1.1.2.orig/src/libvirt_private.syms
|
|
+++ libvirt-1.1.2/src/libvirt_private.syms
|
|
@@ -2042,6 +2042,8 @@ virFindFCHostCapableVport;
|
|
virFormatIntDecimal;
|
|
virGetDeviceID;
|
|
virGetDeviceUnprivSGIO;
|
|
+virGetEnvAllowSUID;
|
|
+virGetEnvBlockSUID;
|
|
virGetFCHostNameByWWN;
|
|
virGetGroupID;
|
|
virGetGroupList;
|
|
@@ -2060,6 +2062,7 @@ virIndexToDiskName;
|
|
virIsCapableFCHost;
|
|
virIsCapableVport;
|
|
virIsDevMapperDevice;
|
|
+virIsSUID;
|
|
virManageVport;
|
|
virParseNumber;
|
|
virParseOwnershipIds;
|
|
Index: libvirt-1.1.2/src/util/virutil.c
|
|
===================================================================
|
|
--- libvirt-1.1.2.orig/src/util/virutil.c
|
|
+++ libvirt-1.1.2/src/util/virutil.c
|
|
@@ -2116,3 +2116,42 @@ cleanup:
|
|
|
|
return rc;
|
|
}
|
|
+
|
|
+
|
|
+/**
|
|
+ * virGetEnvBlockSUID:
|
|
+ * @name: the environment variable name
|
|
+ *
|
|
+ * Obtain an environment variable which is unsafe to
|
|
+ * use when running setuid. If running setuid, a NULL
|
|
+ * value will be returned
|
|
+ */
|
|
+const char *virGetEnvBlockSUID(const char *name)
|
|
+{
|
|
+ return secure_getenv(name);
|
|
+}
|
|
+
|
|
+
|
|
+/**
|
|
+ * virGetEnvBlockSUID:
|
|
+ * @name: the environment variable name
|
|
+ *
|
|
+ * Obtain an environment variable which is safe to
|
|
+ * use when running setuid. The value will be returned
|
|
+ * even when running setuid
|
|
+ */
|
|
+const char *virGetEnvAllowSUID(const char *name)
|
|
+{
|
|
+ return getenv(name);
|
|
+}
|
|
+
|
|
+
|
|
+/**
|
|
+ * virIsSUID:
|
|
+ * Return a true value if running setuid. Does not
|
|
+ * check for elevated capabilities bits.
|
|
+ */
|
|
+bool virIsSUID(void)
|
|
+{
|
|
+ return getuid() != geteuid();
|
|
+}
|
|
Index: libvirt-1.1.2/src/util/virutil.h
|
|
===================================================================
|
|
--- libvirt-1.1.2.orig/src/util/virutil.h
|
|
+++ libvirt-1.1.2/src/util/virutil.h
|
|
@@ -172,4 +172,8 @@ int virCompareLimitUlong(unsigned long l
|
|
|
|
int virParseOwnershipIds(const char *label, uid_t *uidPtr, gid_t *gidPtr);
|
|
|
|
+const char *virGetEnvBlockSUID(const char *name);
|
|
+const char *virGetEnvAllowSUID(const char *name);
|
|
+bool virIsSUID(void);
|
|
+
|
|
#endif /* __VIR_UTIL_H__ */
|