From 6dfd3f57d1b3b5f324e31a70179bfb60ad828bfe Mon Sep 17 00:00:00 2001 From: Ian Kent Date: Thu, 13 Dec 2007 09:54:50 +0000 Subject: [PATCH] - Bug 421371: CVE-2007-5964 autofs defaults don't restrict suid in /net [rawhide] - use mount option "nosuid" for "-hosts" map unless "suid" is explicily specified. --- autofs-5.0.2-hosts-nosuid-default.patch | 79 +++++++++++++++++++++++++ autofs.spec | 8 ++- 2 files changed, 86 insertions(+), 1 deletion(-) create mode 100644 autofs-5.0.2-hosts-nosuid-default.patch diff --git a/autofs-5.0.2-hosts-nosuid-default.patch b/autofs-5.0.2-hosts-nosuid-default.patch new file mode 100644 index 0000000..6821bf8 --- /dev/null +++ b/autofs-5.0.2-hosts-nosuid-default.patch @@ -0,0 +1,79 @@ +diff --git a/man/auto.master.5.in b/man/auto.master.5.in +index d488960..56aaa5d 100644 +--- a/man/auto.master.5.in ++++ b/man/auto.master.5.in +@@ -195,6 +195,9 @@ For example, with an entry in the master map of + .hy + accessing /net/myserver will mount exports from myserver on directories below + /net/myserver. ++.P ++NOTE: mounts done from a hosts map will be mounted with the "nosuid" option ++unless the "suid" option is explicitly given in the master map entry. + .SH LDAP MAPS + If the map type \fBldap\fP is specified the mapname is of the form + \fB[//servername/]dn\fP, where the optional \fBservername\fP is +diff --git a/modules/parse_sun.c b/modules/parse_sun.c +index 186e567..9a97329 100644 +--- a/modules/parse_sun.c ++++ b/modules/parse_sun.c +@@ -496,6 +496,7 @@ static int sun_mount(struct autofs_point *ap, const char *root, + int rv, cur_state; + char *mountpoint; + char *what; ++ char *type; + + if (*options == '\0') + options = NULL; +@@ -585,6 +586,36 @@ static int sun_mount(struct autofs_point *ap, const char *root, + mountpoint = alloca(namelen + 1); + sprintf(mountpoint, "%.*s", namelen, name); + ++ type = ap->entry->maps->type; ++ if (type && !strcmp(type, "hosts")) { ++ if (options) { ++ if (!strstr(options, "suid")) { ++ char *tmp = alloca(strlen(options) + 8); ++ if (!tmp) { ++ error(ap->logopt, MODPREFIX ++ "alloca failed for options"); ++ if (nonstrict) ++ return -1; ++ return 1; ++ } ++ strcpy(tmp, options); ++ strcat(tmp, ",nosuid"); ++ options = tmp; ++ } ++ } else { ++ char *tmp = alloca(7); ++ if (!tmp) { ++ error(ap->logopt, ++ MODPREFIX "alloca failed for options"); ++ if (nonstrict) ++ return -1; ++ return 1; ++ } ++ strcpy(tmp, "nosuid"); ++ options = tmp; ++ } ++ } ++ + pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, &cur_state); + if (!strcmp(fstype, "nfs")) { + what = alloca(loclen + 1); +diff --git a/samples/auto.master b/samples/auto.master +index d4796a3..4995976 100644 +--- a/samples/auto.master ++++ b/samples/auto.master +@@ -5,6 +5,11 @@ + # For details of the format look at autofs(5). + # + /misc /etc/auto.misc ++# ++# NOTE: mounts done from a hosts map will be mounted with the ++# "nosuid" option unless the "suid" option is explicitly ++# given. ++# + /net -hosts + # + # Include central master map if it can be found using diff --git a/autofs.spec b/autofs.spec index 126e694..b823a23 100644 --- a/autofs.spec +++ b/autofs.spec @@ -4,7 +4,7 @@ Summary: A tool for automatically mounting and unmounting filesystems Name: autofs Version: 5.0.2 -Release: 19 +Release: 21 Epoch: 1 License: GPL Group: System Environment/Daemons @@ -55,6 +55,7 @@ Patch41: autofs-5.0.2-large-groups.patch Patch42: autofs-5.0.2-report-failed-lookups.patch Patch43: autofs-5.0.2-dynamic-logging-non-sasl.patch Patch44: autofs-5.0.2-singleton-host-list.patch +Patch45: autofs-5.0.2-hosts-nosuid-default.patch Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: autoconf, hesiod-devel, openldap-devel, bison, flex, libxml2-devel, cyrus-sasl-devel, openssl-devel module-init-tools util-linux nfs-utils e2fsprogs Conflicts: kernel < 2.6.17 @@ -141,6 +142,7 @@ echo %{version}-%{release} > .version %patch42 -p1 %patch43 -p1 %patch44 -p1 +%patch45 -p1 %build #CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=/usr --libdir=%{_libdir} @@ -193,6 +195,10 @@ fi %{_libdir}/autofs/ %changelog +* Thu Dec 13 2007 Ian Kent - 5.0.2-21 +- Bug 421371: CVE-2007-5964 autofs defaults don't restrict suid in /net [rawhide] + - use mount option "nosuid" for "-hosts" map unless "suid" is explicily specified. + * Thu Dec 6 2007 Jeremy Katz - 1:5.0.2-19 - rebuild for new ldap