rpms/krb5
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Make krb5kdc.log not world-readable by default

Browse Source 
Resolves: #1276484
This commit is contained in:
Robbie Harwood 2016-01-21 18:17:17 +00:00
parent 892fe9b7b5
commit 93772ec156
2 changed files with 70 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
krb5-1.14.1-log_file_permissions.patch Normal file
View File

@ -0,0 +1,63 @@
From 9914b93516bbce9b1123ed5f9f796b7028944892 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Thu, 17 Dec 2015 13:31:39 -0500
Subject: [PATCH] Create KDC and kadmind log files with mode 0640
In krb5_klog_init(), use open() and fdopen() to open log files so that
we can specify a mode. Specify a mode which doesn't include the
group-write, other-read, or other-write bits even if the process umask
allows them.
[ghudson@mit.edu: wrote commit message, de-indented post-open setup
code]
[rharwood@redhat.com: backport not clean for some reason?]
ticket: 8344 (new)
---
src/lib/kadm5/logger.c | 21 ++++++++++++---------
1 file changed, 12 insertions(+), 9 deletions(-)
diff --git a/src/lib/kadm5/logger.c b/src/lib/kadm5/logger.c
index 19c4355..f4a9387 100644
--- a/src/lib/kadm5/logger.c 2016-01-21 18:52:52.529544902 +0000
+++ b/src/lib/kadm5/logger.c 2016-01-21 18:57:22.923972419 +0000
@@ -354,7 +354,7 @@
const char *logging_profent[3];
const char *logging_defent[3];
char **logging_specs;
- int i, ngood;
+ int i, ngood, fd, append;
char *cp, *cp2;
char savec = '\0';
int error;
@@ -422,18 +422,21 @@
/*
* Check for append/overwrite, then open the file.
*/
- if (cp[4] == ':' || cp[4] == '=') {
- f = WRITABLEFOPEN(&cp[5], (cp[4] == ':') ? "a" : "w");
- if (f) {
- set_cloexec_file(f);
- log_control.log_entries[i].lfu_filep = f;
- log_control.log_entries[i].log_type = K_LOG_FILE;
- log_control.log_entries[i].lfu_fname = &cp[5];
- } else {
+ append = (cp[4] == ':') ? O_APPEND : 0;
+ if (append || cp[4] == '=') {
+ fd = open(&cp[5], O_CREAT | O_WRONLY | append,
+ S_IRUSR | S_IWUSR | S_IRGRP);
+ if (fd != -1)
+ f = fdopen(fd, append ? "a" : "w");
+ if (fd == -1 || f == NULL) {
fprintf(stderr,"Couldn't open log file %s: %s\n",
&cp[5], error_message(errno));
continue;
}
+ set_cloexec_file(f);
+ log_control.log_entries[i].lfu_filep = f;
+ log_control.log_entries[i].log_type = K_LOG_FILE;
+ log_control.log_entries[i].lfu_fname = &cp[5];
}
}
#ifdef HAVE_SYSLOG

8
krb5.spec
View File

@ -13,7 +13,7 @@
Summary: The Kerberos network authentication system
Name: krb5
Version: 1.14
Release: 16%{?dist}
Release: 17%{?dist}
# - Maybe we should explode from the now-available-to-everybody tarball instead?
# http://web.mit.edu/kerberos/dist/krb5/1.13/krb5-1.13.2-signed.tar
# - The sources below are stored in a lookaside cache. Upload with
@ -60,6 +60,7 @@ Patch148: krb5-disable_ofd_locks.patch
Patch150: krb5-fix_interposer.patch
Patch151: krb5-mechglue_inqure_attrs.patch
Patch152: krb5-init_context_null_spnego.patch
Patch153: krb5-1.14.1-log_file_permissions.patch
License: MIT
URL: http://web.mit.edu/kerberos/www/
@ -236,6 +237,7 @@ ln NOTICE LICENSE
%patch150 -p1 -b .fix_interposer
%patch151 -p1 -b .mechglue_inqure_attrs
%patch152 -p1 -b .init_context_null_spnego
%patch153 -p1 -b .log_file_permissions
# Take the execute bit off of documentation.
chmod -x doc/krb5-protocol/*.txt doc/ccapi/*.html
@ -766,6 +768,10 @@ exit 0
%changelog
* Thu Jan 21 2016 Robbie Harwood <rharwood@redhat.com> - 1.14-17
- Make krb5kdc.log not world-readable by default
- Resolves: #1276484
* Thu Jan 21 2016 Robbie Harwood <rharwood@redhat.com> - 1.14-16
- Allow verification of attributes on krb5.conf