/[smecontribs]/rpms/smeserver-vacation/contribs10/smeserver-vacation-1.1-bz9073-race.condition.vulnarability.patch
ViewVC logotype

Contents of /rpms/smeserver-vacation/contribs10/smeserver-vacation-1.1-bz9073-race.condition.vulnarability.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Tue Apr 14 14:42:38 2020 UTC (4 years, 7 months ago) by brianr
Branch: MAIN
CVS Tags: smeserver-vacation-1_1-34_el7_sme, smeserver-vacation-1_1-31_el7_sme, smeserver-vacation-1_1-32_el7_sme, smeserver-vacation-1_1-30_el7_sme, smeserver-vacation-1_1-35_el7_sme, smeserver-vacation-1_1-36_el7_sme, smeserver-vacation-1_1-26_el7_sme, smeserver-vacation-1_1-27_el7_sme, smeserver-vacation-1_1-33_el7_sme, smeserver-vacation-1_1-28_el7_sme, smeserver-vacation-1_1-29_el7_sme, HEAD
Initial import

1 diff -Nur smeserver-vacation-1.1.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/uservacations.pm smeserver-vacation-1.1/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/uservacations.pm
2 --- smeserver-vacation-1.1.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/uservacations.pm 2017-01-16 16:12:48.728000000 -0500
3 +++ smeserver-vacation-1.1/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/uservacations.pm 2017-01-16 16:32:49.593000000 -0500
4 @@ -414,14 +414,33 @@
5 $vacation_text =~ s/\r//g;
6
7 unlink $vfile;
8 + # for the next lines to avoid race condition vulnerability, we switch the effective user to
9 + # the one needed see SME #9073 . Those 4 lines are for explanation of the used variables.
10 + #$< - real user id (uid); unique value
11 + #$> - effective user id (euid); unique value
12 + #$( - real group id (gid); list (separated by spaces) of groups
13 + #$) - effective group id (egid); list (separated by spaces) of groups
14 +
15 + # remember the UID of the user currently running this script
16 + my $original_uid = $>;
17 + my $original_gid = $);
18 +
19 + # switch effective UID running this script to $user
20 + # in order to prevent race condition vulnerability
21 + my $uid = getpwnam($user) or die "Could not get UID for $user\n";
22 + my $gid = getgrnam($user) or die "Could not get GID for $user\n";
23 + $) = $gid;# should be switched first while still root!
24 + $> = $uid;
25 +
26 open (VACATION, ">$vfile")
27 or die ("Error opening vacation message.\n");
28
29 print VACATION "$vacation_text";
30 close VACATION;
31
32 - esmith::util::chownFile($user, $user,
33 - "/home/e-smith/files/users/$user/.vacation.msg");
34 + # switch effective UID and GID back to original user
35 + $> = $original_uid;
36 + $) = $original_gid;
37
38 $adb->set_prop($user, 'EmailVacation', $EmailVacation);
39 $adb->set_prop($user, 'EmailVacationFrom', $EmailVacationFrom);

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed