From eb20fc6b7102fde524c7787b8520d6f177d017c1 Mon Sep 17 00:00:00 2001 From: Tim Waugh Date: Mon, 14 Nov 2005 10:57:28 +0000 Subject: [PATCH] - Call setsid() in su under some circumstances (bug #173008). - Prevent runuser operating when setuid (bug #173113). --- coreutils-5.2.1-runuser.patch | 257 +++++++++++++++++----------------- coreutils-setsid.patch | 43 ++++++ coreutils.spec | 8 +- 3 files changed, 180 insertions(+), 128 deletions(-) create mode 100644 coreutils-setsid.patch diff --git a/coreutils-5.2.1-runuser.patch b/coreutils-5.2.1-runuser.patch index 3356638..ae050d3 100644 --- a/coreutils-5.2.1-runuser.patch +++ b/coreutils-5.2.1-runuser.patch @@ -1,122 +1,5 @@ ---- coreutils-5.92/src/su.c.runuser 2005-10-27 09:13:53.000000000 +0100 -+++ coreutils-5.92/src/su.c 2005-10-27 09:17:11.000000000 +0100 -@@ -134,7 +134,9 @@ - /* The official name of this program (e.g., no `g' prefix). */ - #define PROGRAM_NAME "su" - -+#ifndef AUTHORS - #define AUTHORS "David MacKenzie" -+#endif - - #if HAVE_PATHS_H - # include -@@ -172,6 +174,10 @@ - #ifndef USE_PAM - char *crypt (); - #endif -+#ifndef CHECKPASSWD -+#define CHECKPASSWD 1 -+#endif -+ - char *getpass (); - char *getusershell (); - void endusershell (); -@@ -730,7 +736,7 @@ - : DEFAULT_SHELL); - endpwent (); - -- if (!correct_password (pw)) -+ if (CHECKPASSWD && !correct_password (pw)) - { - #ifdef SYSLOG_FAILURE - log_su (pw, false); ---- coreutils-5.92/src/Makefile.am.runuser 2005-10-27 09:13:53.000000000 +0100 -+++ coreutils-5.92/src/Makefile.am 2005-10-27 09:13:53.000000000 +0100 -@@ -17,7 +17,7 @@ - ## along with this program; if not, write to the Free Software Foundation, - ## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - --EXTRA_PROGRAMS = chroot df hostid nice pinky stty su uname uptime users who -+EXTRA_PROGRAMS = chroot df hostid nice pinky stty su runuser uname uptime users who - - bin_SCRIPTS = groups - bin_PROGRAMS = [ chgrp chown chmod cp dd dircolors du \ -@@ -91,6 +91,7 @@ - uptime_LDADD = $(LDADD) $(GETLOADAVG_LIBS) - - su_LDADD = $(LDADD) $(LIB_CRYPT) @LIB_PAM@ -+runuser_LDADD = $(LDADD) $(LIB_CRYPT) - - $(PROGRAMS): ../lib/libcoreutils.a - -@@ -106,7 +107,7 @@ - chmod +x $@-t - mv $@-t $@ - --all-local: su$(EXEEXT) -+all-local: su$(EXEEXT) runuser - - installed_su = $(DESTDIR)$(bindir)/`echo su|sed '$(transform)'` - --- /dev/null 2005-10-10 09:36:06.437701000 +0100 -+++ coreutils-5.92/src/runuser.c 2005-10-27 09:17:34.000000000 +0100 -@@ -0,0 +1,54 @@ -+#define CHECKPASSWD 0 -+#define pam_start my_pam_start -+#define pam_end my_pam_end -+#define pam_setcred my_pam_setcred -+#define pam_open_session my_pam_open_session -+#define pam_close_session my_pam_close_session -+#define pam_strerror my_pam_strerror -+#define pam_getenvlist my_pam_getenvlist -+#define AUTHORS "David MacKenzie, Dan Walsh" -+#include "su.c" -+int pam_start(const char *service_name, const char *user, -+ const struct pam_conv *pam_conversation, -+ pam_handle_t **pamh) { -+ return PAM_SUCCESS; -+} -+int pam_end(pam_handle_t *pamh, int pam_status) { -+ return PAM_SUCCESS; -+} -+int pam_setcred(pam_handle_t *pamh, int flags){ -+ return PAM_SUCCESS; -+} -+int pam_open_session(pam_handle_t *pamh, int flags){ -+ return PAM_SUCCESS; -+} -+int pam_close_session(pam_handle_t *pamh, int flags){ -+ return PAM_SUCCESS; -+} -+const char *pam_strerror(pam_handle_t *pamh, int err){ -+ return ""; -+} -+char **pam_getenvlist(pam_handle_t *pamh){ -+ return NULL; -+} -+ -+int misc_conv(int num_msg, const struct pam_message **msgm, -+ struct pam_response **response, void *appdata_ptr) { -+ return PAM_SUCCESS; -+} -+ -+int pam_authenticate(pam_handle_t *pamh, int flags) { -+ return PAM_SUCCESS; -+} -+ -+int pam_acct_mgmt(pam_handle_t *pamh, int flags) { -+ return PAM_SUCCESS; -+} -+ -+int pam_chauthtok (pam_handle_t *pamh, int flags) { -+ return PAM_SUCCESS; -+} -+ -+int pam_set_item(pam_handle_t *pamh, int item_type, const void *item) { -+ return PAM_SUCCESS; -+} ---- /dev/null 2005-10-10 09:36:06.437701000 +0100 -+++ coreutils-5.92/man/runuser.1 2005-10-27 09:13:53.000000000 +0100 ++++ coreutils-5.93/man/runuser.1 2005-11-14 10:54:44.000000000 +0000 @@ -0,0 +1,59 @@ +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.33. +.TH RUNUSER "1" "September 2004" "runuser (coreutils) 5.2.1" "User Commands" @@ -177,8 +60,8 @@ +.B info coreutils su +.PP +should give you access to the complete manual. ---- coreutils-5.92/man/Makefile.am.runuser 2005-10-13 15:12:26.000000000 +0100 -+++ coreutils-5.92/man/Makefile.am 2005-10-27 09:13:53.000000000 +0100 +--- coreutils-5.93/man/Makefile.am.runuser 2005-10-13 15:12:51.000000000 +0100 ++++ coreutils-5.93/man/Makefile.am 2005-11-14 10:54:44.000000000 +0000 @@ -7,7 +7,7 @@ link.1 ln.1 logname.1 \ ls.1 md5sum.1 mkdir.1 mkfifo.1 mknod.1 mv.1 nice.1 nl.1 nohup.1 od.1 \ @@ -197,14 +80,134 @@ sha1sum.1: $(common_dep) $(srcdir)/sha1sum.x ../src/md5sum.c shred.1: $(common_dep) $(srcdir)/shred.x ../src/shred.c --- /dev/null 2005-10-10 09:36:06.437701000 +0100 -+++ coreutils-5.92/man/runuser.x 2005-10-27 09:13:53.000000000 +0100 ++++ coreutils-5.93/man/runuser.x 2005-11-14 10:54:45.000000000 +0000 @@ -0,0 +1,4 @@ +[NAME] +runuser \- run a shell with substitute user and group IDs +[DESCRIPTION] +.\" Add any additional description here ---- coreutils-5.92/tests/help-version.runuser 2005-01-05 22:08:48.000000000 +0000 -+++ coreutils-5.92/tests/help-version 2005-10-27 09:13:53.000000000 +0100 +--- coreutils-5.93/src/su.c.runuser 2005-11-14 10:54:44.000000000 +0000 ++++ coreutils-5.93/src/su.c 2005-11-14 10:54:44.000000000 +0000 +@@ -134,7 +134,9 @@ + /* The official name of this program (e.g., no `g' prefix). */ + #define PROGRAM_NAME "su" + ++#ifndef AUTHORS + #define AUTHORS "David MacKenzie" ++#endif + + #if HAVE_PATHS_H + # include +@@ -172,6 +174,10 @@ + #ifndef USE_PAM + char *crypt (); + #endif ++#ifndef CHECKPASSWD ++#define CHECKPASSWD 1 ++#endif ++ + char *getpass (); + char *getusershell (); + void endusershell (); +@@ -746,7 +752,7 @@ + : DEFAULT_SHELL); + endpwent (); + +- if (!correct_password (pw)) ++ if (CHECKPASSWD && !correct_password (pw)) + { + #ifdef SYSLOG_FAILURE + log_su (pw, false); +--- coreutils-5.93/src/Makefile.am.runuser 2005-11-14 10:54:44.000000000 +0000 ++++ coreutils-5.93/src/Makefile.am 2005-11-14 10:54:44.000000000 +0000 +@@ -17,7 +17,7 @@ + ## along with this program; if not, write to the Free Software Foundation, + ## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +-EXTRA_PROGRAMS = chroot df hostid nice pinky stty su uname uptime users who ++EXTRA_PROGRAMS = chroot df hostid nice pinky stty su runuser uname uptime users who + + bin_SCRIPTS = groups + bin_PROGRAMS = [ chgrp chown chmod cp dd dircolors du \ +@@ -91,6 +91,7 @@ + uptime_LDADD = $(LDADD) $(GETLOADAVG_LIBS) + + su_LDADD = $(LDADD) $(LIB_CRYPT) @LIB_PAM@ ++runuser_LDADD = $(LDADD) $(LIB_CRYPT) + + $(PROGRAMS): ../lib/libcoreutils.a + +@@ -106,7 +107,7 @@ + chmod +x $@-t + mv $@-t $@ + +-all-local: su$(EXEEXT) ++all-local: su$(EXEEXT) runuser + + installed_su = $(DESTDIR)$(bindir)/`echo su|sed '$(transform)'` + +--- /dev/null 2005-10-10 09:36:06.437701000 +0100 ++++ coreutils-5.93/src/runuser.c 2005-11-14 10:55:29.000000000 +0000 +@@ -0,0 +1,57 @@ ++#define CHECKPASSWD 0 ++#define pam_start my_pam_start ++#define pam_end my_pam_end ++#define pam_setcred my_pam_setcred ++#define pam_open_session my_pam_open_session ++#define pam_close_session my_pam_close_session ++#define pam_strerror my_pam_strerror ++#define pam_getenvlist my_pam_getenvlist ++#define AUTHORS "David MacKenzie, Dan Walsh" ++#include "su.c" ++int pam_start(const char *service_name, const char *user, ++ const struct pam_conv *pam_conversation, ++ pam_handle_t **pamh) { ++ return PAM_SUCCESS; ++} ++int pam_end(pam_handle_t *pamh, int pam_status) { ++ return PAM_SUCCESS; ++} ++int pam_setcred(pam_handle_t *pamh, int flags){ ++ return PAM_SUCCESS; ++} ++int pam_open_session(pam_handle_t *pamh, int flags){ ++ if (getuid() != geteuid()) ++ /* safety net: deny operation if we are suid by accident */ ++ error(EXIT_FAIL, 1, "runuser may not be setuid"); ++ return PAM_SUCCESS; ++} ++int pam_close_session(pam_handle_t *pamh, int flags){ ++ return PAM_SUCCESS; ++} ++const char *pam_strerror(pam_handle_t *pamh, int err){ ++ return ""; ++} ++char **pam_getenvlist(pam_handle_t *pamh){ ++ return NULL; ++} ++ ++int misc_conv(int num_msg, const struct pam_message **msgm, ++ struct pam_response **response, void *appdata_ptr) { ++ return PAM_SUCCESS; ++} ++ ++int pam_authenticate(pam_handle_t *pamh, int flags) { ++ return PAM_SUCCESS; ++} ++ ++int pam_acct_mgmt(pam_handle_t *pamh, int flags) { ++ return PAM_SUCCESS; ++} ++ ++int pam_chauthtok (pam_handle_t *pamh, int flags) { ++ return PAM_SUCCESS; ++} ++ ++int pam_set_item(pam_handle_t *pamh, int item_type, const void *item) { ++ return PAM_SUCCESS; ++} +--- coreutils-5.93/tests/help-version.runuser 2005-01-05 22:08:48.000000000 +0000 ++++ coreutils-5.93/tests/help-version 2005-11-14 10:54:45.000000000 +0000 @@ -136,6 +136,7 @@ seq_args=10 sleep_args=0 @@ -213,8 +216,8 @@ test_args=foo # This is necessary in the unusual event that there is ---- coreutils-5.92/README.runuser 2005-09-28 19:34:03.000000000 +0100 -+++ coreutils-5.92/README 2005-10-27 09:13:53.000000000 +0100 +--- coreutils-5.93/README.runuser 2005-09-28 19:34:26.000000000 +0100 ++++ coreutils-5.93/README 2005-11-14 10:54:45.000000000 +0000 @@ -11,7 +11,7 @@ df dir dircolors dirname du echo env expand expr factor false fmt fold ginstall groups head hostid hostname id join kill link ln logname ls @@ -224,8 +227,8 @@ split stat stty su sum sync tac tail tee test touch tr true tsort tty uname unexpand uniq unlink uptime users vdir wc who whoami yes ---- coreutils-5.92/AUTHORS.runuser 2004-11-03 23:10:50.000000000 +0000 -+++ coreutils-5.92/AUTHORS 2005-10-27 09:13:53.000000000 +0100 +--- coreutils-5.93/AUTHORS.runuser 2004-11-03 23:10:50.000000000 +0000 ++++ coreutils-5.93/AUTHORS 2005-11-14 10:54:45.000000000 +0000 @@ -59,6 +59,7 @@ readlink: Dmitry V. Levin rm: Paul Rubin, David MacKenzie, Richard Stallman, Jim Meyering diff --git a/coreutils-setsid.patch b/coreutils-setsid.patch new file mode 100644 index 0000000..4de88d1 --- /dev/null +++ b/coreutils-setsid.patch @@ -0,0 +1,43 @@ +--- coreutils-5.93/src/su.c.setsid 2005-11-14 10:35:48.000000000 +0000 ++++ coreutils-5.93/src/su.c 2005-11-14 10:53:03.000000000 +0000 +@@ -497,6 +497,8 @@ + if (child == 0) { /* child shell */ + change_identity (pw); + pam_end(pamh, 0); ++ if (command) ++ setsid (); + #endif + + if (simulate_login) +@@ -551,13 +553,27 @@ + sigemptyset(&action.sa_mask); + action.sa_flags = 0; + sigemptyset(&ourset); +- if (sigaddset(&ourset, SIGTERM) +- || sigaddset(&ourset, SIGALRM) +- || sigaction(SIGTERM, &action, NULL) +- || sigprocmask(SIG_UNBLOCK, &ourset, NULL)) { ++ if (command) ++ { ++ if (sigaddset(&ourset, SIGINT) || sigaddset(&ourset, SIGQUIT)) ++ { ++ fprintf(stderr, "%s: signal masking malfunction\n", PROGRAM_NAME); ++ caught = 1; ++ } ++ } ++ if (!caught && (sigaddset(&ourset, SIGTERM) ++ || sigaddset(&ourset, SIGALRM) ++ || sigaction(SIGTERM, &action, NULL) ++ || sigprocmask(SIG_UNBLOCK, &ourset, NULL))) { + fprintf(stderr, "%s: signal masking malfunction\n", PROGRAM_NAME); + caught = 1; + } ++ if (!caught && command && (sigaction(SIGINT, &action, NULL) ++ || sigaction(SIGQUIT, &action, NULL))) ++ { ++ fprintf(stderr, "%s: signal masking malfunction\n", PROGRAM_NAME); ++ caught = 1; ++ } + } + if (!caught) { + do { diff --git a/coreutils.spec b/coreutils.spec index 995cbf7..caaab83 100644 --- a/coreutils.spec +++ b/coreutils.spec @@ -1,7 +1,7 @@ Summary: The GNU core utilities: a set of tools commonly used in shell scripts Name: coreutils Version: 5.93 -Release: 1 +Release: 2 License: GPL Group: System Environment/Base Url: http://www.gnu.org/software/coreutils/ @@ -35,6 +35,7 @@ Patch715: coreutils-4.5.3-sysinfo.patch # (sb) lin18nux/lsb compliance Patch800: coreutils-i18n.patch +Patch900: coreutils-setsid.patch Patch907: coreutils-5.2.1-runuser.patch Patch908: coreutils-getgrouplist.patch Patch912: coreutils-overflow.patch @@ -85,6 +86,7 @@ the old GNU fileutils, sh-utils, and textutils packages. %patch800 -p1 -b .i18n # Coreutils +%patch900 -p1 -b .setsid %patch907 -p1 -b .runuser %patch908 -p1 -b .getgrouplist %patch912 -p1 -b .overflow @@ -254,6 +256,10 @@ fi /sbin/runuser %changelog +* Mon Nov 14 2005 Tim Waugh 5.93-2 +- Call setsid() in su under some circumstances (bug #173008). +- Prevent runuser operating when setuid (bug #173113). + * Tue Nov 8 2005 Tim Waugh 5.93-1 - 5.93. - No longer need alt-md5sum-binary, dircolors, mkdir, mkdir2 or tac patches.