pool/spice-vdagent
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
spice-vdagent/vdagentd-Avoid-calling-chmod.patch
Bruce Rogers 6ff184c434 Accepting request 846096 from home:bfrogers:branches:Virtualization 
- Fix multiple security issues as outlined in bsc#1173749
  bsc#1177780 bsc#1177781 bsc#1177782 bsc#1177783
  CVE-2020-25650 CVE-2020-25651 CVE-2020-25652 CVE-2020-25653
  systemd-login-Avoid-a-crash-on-container.patch
  vdagentd-Use-bool-for-agent_owns_clipboard-and-clien.patch
  vdagentd-Automatically-release-agent_data.patch
  vdagent-connection-Pass-err-to-g_credentials_get_uni.patch
  vdagentd-Better-check-for-vdagent_connection_get_pee.patch
  vdagentd-Avoid-calling-chmod.patch
  Avoids-unchecked-file-transfer-IDs-allocation-and-us.patch
  Avoids-uncontrolled-active_xfers-allocations.patch
  Avoids-unlimited-agent-connections.patch
  Avoids-user-session-hijacking.patch
  Better-check-for-sessions.patch
  vdagentd-Limit-number-of-agents-per-session-to-1.patch
  cleanup-active_xfers-when-the-client-disconnects.patch
  vdagentd-do-not-allow-to-use-an-already-used-file-xf.patch
  Add-a-test-for-session_info.patch
- Add a check section to run internal tests. Note that by default
  the added session_info test is not run, as it doesn't work in
  context of build service

OBS-URL: https://build.opensuse.org/request/show/846096
OBS-URL: https://build.opensuse.org/package/show/Virtualization/spice-vdagent?expand=0&rev=41
2020-11-05 00:50:56 +00:00

53 lines
1.7 KiB
Diff
Raw Blame History

From f5f4506f6cb25bfd556f815565090a57296771ee Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <freddy77@gmail.com>
Date: Thu, 24 Sep 2020 12:13:24 +0100
Subject: [PATCH 01/10] vdagentd: Avoid calling chmod
References: bsc#1173749
Create the socket with the right permissions using umask.
This also prevents possible symlink exploitation in case socket
path is not secure.
Signed-off-by: Frediano Ziglio <freddy77@gmail.com>
Acked-by: Uri Lublin <uril@redhat.com>
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
src/vdagentd/vdagentd.c | 12 ++----------
1 file changed, 2 insertions(+), 10 deletions(-)
diff --git a/src/vdagentd/vdagentd.c b/src/vdagentd/vdagentd.c
index dca6980..a2b74bb 100644
--- a/src/vdagentd/vdagentd.c
+++ b/src/vdagentd/vdagentd.c
@@ -1208,7 +1208,9 @@ int main(int argc, char *argv[])
/* systemd socket activation not enabled, create our own */
#endif /* WITH_SYSTEMD_SOCKET_ACTIVATION */
{
+ mode_t mode = umask(0111);
udscs_server_listen_to_address(server, vdagentd_socket, &err);
+ umask(mode);
}
if (err) {
@@ -1219,16 +1221,6 @@ int main(int argc, char *argv[])
return 1;
}
- /* no need to set permissions on a socket that was provided by systemd */
- if (own_socket) {
- if (chmod(vdagentd_socket, 0666)) {
- syslog(LOG_CRIT, "Fatal could not change permissions on %s: %m",
- vdagentd_socket);
- udscs_destroy_server(server);
- return 1;
- }
- }
-
#ifdef WITH_STATIC_UINPUT
uinput = vdagentd_uinput_create(uinput_device, 1024, 768, NULL, 0,
debug > 1, uinput_fake);
--
2.28.0
Reference in New Issue View Git Blame Copy Permalink