diff options
Diffstat (limited to 'testing/multipath-tools/multipath-tools-0.4.8-socket-cve-2009-0115.patch')
| -rw-r--r-- | testing/multipath-tools/multipath-tools-0.4.8-socket-cve-2009-0115.patch | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/testing/multipath-tools/multipath-tools-0.4.8-socket-cve-2009-0115.patch b/testing/multipath-tools/multipath-tools-0.4.8-socket-cve-2009-0115.patch new file mode 100644 index 0000000000..deab762065 --- /dev/null +++ b/testing/multipath-tools/multipath-tools-0.4.8-socket-cve-2009-0115.patch @@ -0,0 +1,29 @@ +From: Hannes Reinecke <hare@suse.de> +Date: Wed, 1 Apr 2009 20:31:01 +0000 (+0200) +Subject: [multipathd] /var/run/multipathd.sock is world-writable +X-Git-Url: http://git.kernel.org/gitweb.cgi?p=linux%2Fstorage%2Fmultipath-tools%2F.git;a=commitdiff_plain;h=0a0319d381249760c71023edbe0ac9c093bb4a74;hp=15d4bdddcb9b71e0ec6fecc3c37a1b8cae8f51ff + +[multipathd] /var/run/multipathd.sock is world-writable + +Due to an stray 'umask()' the socket file is in fact world-writable, +allowing for an easy exploit. + +References: 458598 +--- + +diff --git a/multipathd/main.c b/multipathd/main.c +index 8a1a63d..9957f1f 100644 +--- a/multipathd/main.c ++++ b/multipathd/main.c +@@ -1454,8 +1454,9 @@ daemonize(void) + + close(in_fd); + close(out_fd); +- chdir("/"); +- umask(0); ++ if (chdir("/") < 0) ++ fprintf(stderr, "cannot chdir to '/', continuing\n"); ++ + return 0; + } + |