- Call setsid() in su under some circumstances (bug #173008).

- Prevent runuser operating when setuid (bug #173113).
This commit is contained in:
Tim Waugh 2005-11-14 10:57:28 +00:00
parent 02489bd234
commit eb20fc6b71
3 changed files with 180 additions and 128 deletions

View File

@ -1,122 +1,5 @@
--- coreutils-5.92/src/su.c.runuser 2005-10-27 09:13:53.000000000 +0100
+++ coreutils-5.92/src/su.c 2005-10-27 09:17:11.000000000 +0100
@@ -134,7 +134,9 @@
/* The official name of this program (e.g., no `g' prefix). */
#define PROGRAM_NAME "su"
+#ifndef AUTHORS
#define AUTHORS "David MacKenzie"
+#endif
#if HAVE_PATHS_H
# include <paths.h>
@@ -172,6 +174,10 @@
#ifndef USE_PAM
char *crypt ();
#endif
+#ifndef CHECKPASSWD
+#define CHECKPASSWD 1
+#endif
+
char *getpass ();
char *getusershell ();
void endusershell ();
@@ -730,7 +736,7 @@
: DEFAULT_SHELL);
endpwent ();
- if (!correct_password (pw))
+ if (CHECKPASSWD && !correct_password (pw))
{
#ifdef SYSLOG_FAILURE
log_su (pw, false);
--- coreutils-5.92/src/Makefile.am.runuser 2005-10-27 09:13:53.000000000 +0100
+++ coreutils-5.92/src/Makefile.am 2005-10-27 09:13:53.000000000 +0100
@@ -17,7 +17,7 @@
## along with this program; if not, write to the Free Software Foundation,
## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-EXTRA_PROGRAMS = chroot df hostid nice pinky stty su uname uptime users who
+EXTRA_PROGRAMS = chroot df hostid nice pinky stty su runuser uname uptime users who
bin_SCRIPTS = groups
bin_PROGRAMS = [ chgrp chown chmod cp dd dircolors du \
@@ -91,6 +91,7 @@
uptime_LDADD = $(LDADD) $(GETLOADAVG_LIBS)
su_LDADD = $(LDADD) $(LIB_CRYPT) @LIB_PAM@
+runuser_LDADD = $(LDADD) $(LIB_CRYPT)
$(PROGRAMS): ../lib/libcoreutils.a
@@ -106,7 +107,7 @@
chmod +x $@-t
mv $@-t $@
-all-local: su$(EXEEXT)
+all-local: su$(EXEEXT) runuser
installed_su = $(DESTDIR)$(bindir)/`echo su|sed '$(transform)'`
--- /dev/null 2005-10-10 09:36:06.437701000 +0100
+++ coreutils-5.92/src/runuser.c 2005-10-27 09:17:34.000000000 +0100
@@ -0,0 +1,54 @@
+#define CHECKPASSWD 0
+#define pam_start my_pam_start
+#define pam_end my_pam_end
+#define pam_setcred my_pam_setcred
+#define pam_open_session my_pam_open_session
+#define pam_close_session my_pam_close_session
+#define pam_strerror my_pam_strerror
+#define pam_getenvlist my_pam_getenvlist
+#define AUTHORS "David MacKenzie, Dan Walsh"
+#include "su.c"
+int pam_start(const char *service_name, const char *user,
+ const struct pam_conv *pam_conversation,
+ pam_handle_t **pamh) {
+ return PAM_SUCCESS;
+}
+int pam_end(pam_handle_t *pamh, int pam_status) {
+ return PAM_SUCCESS;
+}
+int pam_setcred(pam_handle_t *pamh, int flags){
+ return PAM_SUCCESS;
+}
+int pam_open_session(pam_handle_t *pamh, int flags){
+ return PAM_SUCCESS;
+}
+int pam_close_session(pam_handle_t *pamh, int flags){
+ return PAM_SUCCESS;
+}
+const char *pam_strerror(pam_handle_t *pamh, int err){
+ return "";
+}
+char **pam_getenvlist(pam_handle_t *pamh){
+ return NULL;
+}
+
+int misc_conv(int num_msg, const struct pam_message **msgm,
+ struct pam_response **response, void *appdata_ptr) {
+ return PAM_SUCCESS;
+}
+
+int pam_authenticate(pam_handle_t *pamh, int flags) {
+ return PAM_SUCCESS;
+}
+
+int pam_acct_mgmt(pam_handle_t *pamh, int flags) {
+ return PAM_SUCCESS;
+}
+
+int pam_chauthtok (pam_handle_t *pamh, int flags) {
+ return PAM_SUCCESS;
+}
+
+int pam_set_item(pam_handle_t *pamh, int item_type, const void *item) {
+ return PAM_SUCCESS;
+}
--- /dev/null 2005-10-10 09:36:06.437701000 +0100
+++ coreutils-5.92/man/runuser.1 2005-10-27 09:13:53.000000000 +0100
+++ coreutils-5.93/man/runuser.1 2005-11-14 10:54:44.000000000 +0000
@@ -0,0 +1,59 @@
+.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.33.
+.TH RUNUSER "1" "September 2004" "runuser (coreutils) 5.2.1" "User Commands"
@ -177,8 +60,8 @@
+.B info coreutils su
+.PP
+should give you access to the complete manual.
--- coreutils-5.92/man/Makefile.am.runuser 2005-10-13 15:12:26.000000000 +0100
+++ coreutils-5.92/man/Makefile.am 2005-10-27 09:13:53.000000000 +0100
--- coreutils-5.93/man/Makefile.am.runuser 2005-10-13 15:12:51.000000000 +0100
+++ coreutils-5.93/man/Makefile.am 2005-11-14 10:54:44.000000000 +0000
@@ -7,7 +7,7 @@
link.1 ln.1 logname.1 \
ls.1 md5sum.1 mkdir.1 mkfifo.1 mknod.1 mv.1 nice.1 nl.1 nohup.1 od.1 \
@ -197,14 +80,134 @@
sha1sum.1: $(common_dep) $(srcdir)/sha1sum.x ../src/md5sum.c
shred.1: $(common_dep) $(srcdir)/shred.x ../src/shred.c
--- /dev/null 2005-10-10 09:36:06.437701000 +0100
+++ coreutils-5.92/man/runuser.x 2005-10-27 09:13:53.000000000 +0100
+++ coreutils-5.93/man/runuser.x 2005-11-14 10:54:45.000000000 +0000
@@ -0,0 +1,4 @@
+[NAME]
+runuser \- run a shell with substitute user and group IDs
+[DESCRIPTION]
+.\" Add any additional description here
--- coreutils-5.92/tests/help-version.runuser 2005-01-05 22:08:48.000000000 +0000
+++ coreutils-5.92/tests/help-version 2005-10-27 09:13:53.000000000 +0100
--- coreutils-5.93/src/su.c.runuser 2005-11-14 10:54:44.000000000 +0000
+++ coreutils-5.93/src/su.c 2005-11-14 10:54:44.000000000 +0000
@@ -134,7 +134,9 @@
/* The official name of this program (e.g., no `g' prefix). */
#define PROGRAM_NAME "su"
+#ifndef AUTHORS
#define AUTHORS "David MacKenzie"
+#endif
#if HAVE_PATHS_H
# include <paths.h>
@@ -172,6 +174,10 @@
#ifndef USE_PAM
char *crypt ();
#endif
+#ifndef CHECKPASSWD
+#define CHECKPASSWD 1
+#endif
+
char *getpass ();
char *getusershell ();
void endusershell ();
@@ -746,7 +752,7 @@
: DEFAULT_SHELL);
endpwent ();
- if (!correct_password (pw))
+ if (CHECKPASSWD && !correct_password (pw))
{
#ifdef SYSLOG_FAILURE
log_su (pw, false);
--- coreutils-5.93/src/Makefile.am.runuser 2005-11-14 10:54:44.000000000 +0000
+++ coreutils-5.93/src/Makefile.am 2005-11-14 10:54:44.000000000 +0000
@@ -17,7 +17,7 @@
## along with this program; if not, write to the Free Software Foundation,
## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-EXTRA_PROGRAMS = chroot df hostid nice pinky stty su uname uptime users who
+EXTRA_PROGRAMS = chroot df hostid nice pinky stty su runuser uname uptime users who
bin_SCRIPTS = groups
bin_PROGRAMS = [ chgrp chown chmod cp dd dircolors du \
@@ -91,6 +91,7 @@
uptime_LDADD = $(LDADD) $(GETLOADAVG_LIBS)
su_LDADD = $(LDADD) $(LIB_CRYPT) @LIB_PAM@
+runuser_LDADD = $(LDADD) $(LIB_CRYPT)
$(PROGRAMS): ../lib/libcoreutils.a
@@ -106,7 +107,7 @@
chmod +x $@-t
mv $@-t $@
-all-local: su$(EXEEXT)
+all-local: su$(EXEEXT) runuser
installed_su = $(DESTDIR)$(bindir)/`echo su|sed '$(transform)'`
--- /dev/null 2005-10-10 09:36:06.437701000 +0100
+++ coreutils-5.93/src/runuser.c 2005-11-14 10:55:29.000000000 +0000
@@ -0,0 +1,57 @@
+#define CHECKPASSWD 0
+#define pam_start my_pam_start
+#define pam_end my_pam_end
+#define pam_setcred my_pam_setcred
+#define pam_open_session my_pam_open_session
+#define pam_close_session my_pam_close_session
+#define pam_strerror my_pam_strerror
+#define pam_getenvlist my_pam_getenvlist
+#define AUTHORS "David MacKenzie, Dan Walsh"
+#include "su.c"
+int pam_start(const char *service_name, const char *user,
+ const struct pam_conv *pam_conversation,
+ pam_handle_t **pamh) {
+ return PAM_SUCCESS;
+}
+int pam_end(pam_handle_t *pamh, int pam_status) {
+ return PAM_SUCCESS;
+}
+int pam_setcred(pam_handle_t *pamh, int flags){
+ return PAM_SUCCESS;
+}
+int pam_open_session(pam_handle_t *pamh, int flags){
+ if (getuid() != geteuid())
+ /* safety net: deny operation if we are suid by accident */
+ error(EXIT_FAIL, 1, "runuser may not be setuid");
+ return PAM_SUCCESS;
+}
+int pam_close_session(pam_handle_t *pamh, int flags){
+ return PAM_SUCCESS;
+}
+const char *pam_strerror(pam_handle_t *pamh, int err){
+ return "";
+}
+char **pam_getenvlist(pam_handle_t *pamh){
+ return NULL;
+}
+
+int misc_conv(int num_msg, const struct pam_message **msgm,
+ struct pam_response **response, void *appdata_ptr) {
+ return PAM_SUCCESS;
+}
+
+int pam_authenticate(pam_handle_t *pamh, int flags) {
+ return PAM_SUCCESS;
+}
+
+int pam_acct_mgmt(pam_handle_t *pamh, int flags) {
+ return PAM_SUCCESS;
+}
+
+int pam_chauthtok (pam_handle_t *pamh, int flags) {
+ return PAM_SUCCESS;
+}
+
+int pam_set_item(pam_handle_t *pamh, int item_type, const void *item) {
+ return PAM_SUCCESS;
+}
--- coreutils-5.93/tests/help-version.runuser 2005-01-05 22:08:48.000000000 +0000
+++ coreutils-5.93/tests/help-version 2005-11-14 10:54:45.000000000 +0000
@@ -136,6 +136,7 @@
seq_args=10
sleep_args=0
@ -213,8 +216,8 @@
test_args=foo
# This is necessary in the unusual event that there is
--- coreutils-5.92/README.runuser 2005-09-28 19:34:03.000000000 +0100
+++ coreutils-5.92/README 2005-10-27 09:13:53.000000000 +0100
--- coreutils-5.93/README.runuser 2005-09-28 19:34:26.000000000 +0100
+++ coreutils-5.93/README 2005-11-14 10:54:45.000000000 +0000
@@ -11,7 +11,7 @@
df dir dircolors dirname du echo env expand expr factor false fmt fold
ginstall groups head hostid hostname id join kill link ln logname ls
@ -224,8 +227,8 @@
split stat stty su sum sync tac tail tee test touch tr true tsort tty
uname unexpand uniq unlink uptime users vdir wc who whoami yes
--- coreutils-5.92/AUTHORS.runuser 2004-11-03 23:10:50.000000000 +0000
+++ coreutils-5.92/AUTHORS 2005-10-27 09:13:53.000000000 +0100
--- coreutils-5.93/AUTHORS.runuser 2004-11-03 23:10:50.000000000 +0000
+++ coreutils-5.93/AUTHORS 2005-11-14 10:54:45.000000000 +0000
@@ -59,6 +59,7 @@
readlink: Dmitry V. Levin
rm: Paul Rubin, David MacKenzie, Richard Stallman, Jim Meyering

43
coreutils-setsid.patch Normal file
View File

@ -0,0 +1,43 @@
--- coreutils-5.93/src/su.c.setsid 2005-11-14 10:35:48.000000000 +0000
+++ coreutils-5.93/src/su.c 2005-11-14 10:53:03.000000000 +0000
@@ -497,6 +497,8 @@
if (child == 0) { /* child shell */
change_identity (pw);
pam_end(pamh, 0);
+ if (command)
+ setsid ();
#endif
if (simulate_login)
@@ -551,13 +553,27 @@
sigemptyset(&action.sa_mask);
action.sa_flags = 0;
sigemptyset(&ourset);
- if (sigaddset(&ourset, SIGTERM)
- || sigaddset(&ourset, SIGALRM)
- || sigaction(SIGTERM, &action, NULL)
- || sigprocmask(SIG_UNBLOCK, &ourset, NULL)) {
+ if (command)
+ {
+ if (sigaddset(&ourset, SIGINT) || sigaddset(&ourset, SIGQUIT))
+ {
+ fprintf(stderr, "%s: signal masking malfunction\n", PROGRAM_NAME);
+ caught = 1;
+ }
+ }
+ if (!caught && (sigaddset(&ourset, SIGTERM)
+ || sigaddset(&ourset, SIGALRM)
+ || sigaction(SIGTERM, &action, NULL)
+ || sigprocmask(SIG_UNBLOCK, &ourset, NULL))) {
fprintf(stderr, "%s: signal masking malfunction\n", PROGRAM_NAME);
caught = 1;
}
+ if (!caught && command && (sigaction(SIGINT, &action, NULL)
+ || sigaction(SIGQUIT, &action, NULL)))
+ {
+ fprintf(stderr, "%s: signal masking malfunction\n", PROGRAM_NAME);
+ caught = 1;
+ }
}
if (!caught) {
do {

View File

@ -1,7 +1,7 @@
Summary: The GNU core utilities: a set of tools commonly used in shell scripts
Name: coreutils
Version: 5.93
Release: 1
Release: 2
License: GPL
Group: System Environment/Base
Url: http://www.gnu.org/software/coreutils/
@ -35,6 +35,7 @@ Patch715: coreutils-4.5.3-sysinfo.patch
# (sb) lin18nux/lsb compliance
Patch800: coreutils-i18n.patch
Patch900: coreutils-setsid.patch
Patch907: coreutils-5.2.1-runuser.patch
Patch908: coreutils-getgrouplist.patch
Patch912: coreutils-overflow.patch
@ -85,6 +86,7 @@ the old GNU fileutils, sh-utils, and textutils packages.
%patch800 -p1 -b .i18n
# Coreutils
%patch900 -p1 -b .setsid
%patch907 -p1 -b .runuser
%patch908 -p1 -b .getgrouplist
%patch912 -p1 -b .overflow
@ -254,6 +256,10 @@ fi
/sbin/runuser
%changelog
* Mon Nov 14 2005 Tim Waugh <twaugh@redhat.com> 5.93-2
- Call setsid() in su under some circumstances (bug #173008).
- Prevent runuser operating when setuid (bug #173113).
* Tue Nov 8 2005 Tim Waugh <twaugh@redhat.com> 5.93-1
- 5.93.
- No longer need alt-md5sum-binary, dircolors, mkdir, mkdir2 or tac patches.