From c4fdd261576494d39f4a8ec5eba83f4c9783adc9 Mon Sep 17 00:00:00 2001
From: Leonardo Arena <rnalrd@gmail.com>
Date: Mon, 1 Nov 2010 11:05:26 +0000
Subject: testing/multipath-tools: move to main

---
 ...ultipath-tools-0.4.8-socket-cve-2009-0115.patch | 29 ++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 main/multipath-tools/multipath-tools-0.4.8-socket-cve-2009-0115.patch

(limited to 'main/multipath-tools/multipath-tools-0.4.8-socket-cve-2009-0115.patch')

diff --git a/main/multipath-tools/multipath-tools-0.4.8-socket-cve-2009-0115.patch b/main/multipath-tools/multipath-tools-0.4.8-socket-cve-2009-0115.patch
new file mode 100644
index 000000000..deab76206
--- /dev/null
+++ b/main/multipath-tools/multipath-tools-0.4.8-socket-cve-2009-0115.patch
@@ -0,0 +1,29 @@
+From: Hannes Reinecke <hare@suse.de>
+Date: Wed, 1 Apr 2009 20:31:01 +0000 (+0200)
+Subject: [multipathd] /var/run/multipathd.sock is world-writable
+X-Git-Url: http://git.kernel.org/gitweb.cgi?p=linux%2Fstorage%2Fmultipath-tools%2F.git;a=commitdiff_plain;h=0a0319d381249760c71023edbe0ac9c093bb4a74;hp=15d4bdddcb9b71e0ec6fecc3c37a1b8cae8f51ff
+
+[multipathd] /var/run/multipathd.sock is world-writable
+
+Due to an stray 'umask()' the socket file is in fact world-writable,
+allowing for an easy exploit.
+
+References: 458598
+---
+
+diff --git a/multipathd/main.c b/multipathd/main.c
+index 8a1a63d..9957f1f 100644
+--- a/multipathd/main.c
++++ b/multipathd/main.c
+@@ -1454,8 +1454,9 @@ daemonize(void)
+ 
+ 	close(in_fd);
+ 	close(out_fd);
+-	chdir("/");
+-	umask(0);
++	if (chdir("/") < 0)
++		fprintf(stderr, "cannot chdir to '/', continuing\n");
++
+ 	return 0;
+ }
+ 
-- 
cgit v1.2.3