Blame SOURCES/0441-basic-fix-touch-creating-files-with-07777-mode.patch
|
 |
17b0f1 |
From 616db6ddcacd25e4c3a771cd317373971c9055ed Mon Sep 17 00:00:00 2001
|
|
|
17b0f1 |
From: =?UTF-8?q?Mantas=20Mikul=C4=97nas?= <grawity@gmail.com>
|
|
|
17b0f1 |
Date: Fri, 29 Jan 2016 23:36:08 +0200
|
|
|
17b0f1 |
Subject: [PATCH] basic: fix touch() creating files with 07777 mode
|
|
|
17b0f1 |
|
|
|
17b0f1 |
mode_t is unsigned, so MODE_INVALID < 0 can never be true.
|
|
|
17b0f1 |
|
|
|
17b0f1 |
This fixes a possible DoS where any user could fill /run by writing to
|
|
|
17b0f1 |
a world-writable /run/systemd/show-status.
|
|
|
17b0f1 |
|
|
|
17b0f1 |
Cherry-picked from: 06eeacb6fe029804f296b065b3ce91e796e1cd0e
|
|
|
17b0f1 |
Resolves: #1416062
|
|
|
17b0f1 |
---
|
|
|
17b0f1 |
src/shared/util.c | 3 ++-
|
|
|
17b0f1 |
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
17b0f1 |
|
|
|
17b0f1 |
diff --git a/src/shared/util.c b/src/shared/util.c
|
|
|
17b0f1 |
index 66729f70e5..1070e32c4a 100644
|
|
|
17b0f1 |
--- a/src/shared/util.c
|
|
|
17b0f1 |
+++ b/src/shared/util.c
|
|
|
17b0f1 |
@@ -3908,7 +3908,8 @@ int touch_file(const char *path, bool parents, usec_t stamp, uid_t uid, gid_t gi
|
|
|
17b0f1 |
if (parents)
|
|
|
17b0f1 |
mkdir_parents(path, 0755);
|
|
|
17b0f1 |
|
|
|
17b0f1 |
- fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY, mode > 0 ? mode : 0644);
|
|
|
17b0f1 |
+ fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY,
|
|
|
17b0f1 |
+ (mode == 0 || mode == MODE_INVALID) ? 0644 : mode);
|
|
|
17b0f1 |
if (fd < 0)
|
|
|
17b0f1 |
return -errno;
|
|
|
17b0f1 |
|