* Fri Mar 17 2006 Dan Walsh <dwalsh@redhat.com> 1.30-3

- Fixes for restorecond attack via symlinks
- Fixes for fixfiles
This commit is contained in:
Daniel J Walsh 2006-03-20 21:24:16 +00:00
parent 2fc100201a
commit b0a7b268a9
2 changed files with 9 additions and 56 deletions


@ -77,8 +77,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
+.BR restorecon (8), +.BR restorecon (8),
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-1.30/restorecond/restorecond.c diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-1.30/restorecond/restorecond.c
--- nsapolicycoreutils/restorecond/restorecond.c 1969-12-31 19:00:00.000000000 -0500 --- nsapolicycoreutils/restorecond/restorecond.c 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.30/restorecond/restorecond.c 2006-03-17 23:56:29.000000000 -0500 +++ policycoreutils-1.30/restorecond/restorecond.c 2006-03-20 15:57:28.000000000 -0500
@@ -0,0 +1,469 @@ @@ -0,0 +1,436 @@
+/* +/*
+ * restorecond + * restorecond
+ * + *
@ -240,44 +240,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
+ +
+ if (lstat(filename, &st)!=0) return; + if (lstat(filename, &st)!=0) return;
+ +
+ if (S_ISLNK(st.st_mode)) { + if (st.st_nlink > 1) {
+ char *p = NULL, *file_sep; + syslog(LOG_ERR,"Will not restore a file with more than one hard link (%s) %s\n", filename,strerror(errno));
+ char *tmp_path = strdupa(filename);
+ size_t len=0;
+ if (!tmp_path) {
+ exitApp("Out of Memory");
+ }
+ file_sep = strrchr(tmp_path, '/');
+ if(file_sep)
+ {
+ *file_sep = 0;
+ file_sep++;
+ p = realpath(tmp_path, path);
+ }
+ else {
+ file_sep = tmp_path;
+ p = realpath("./", path);
+ }
+ if(p)
+ len = strlen(p);
+ if (!p || len + strlen(file_sep) + 2 > PATH_MAX) {
+ syslog(LOG_ERR,"realpath(%s) failed %s\n", filename, strerror(errno));
+ return; + return;
+ } + }
+ p += len; +
+ *p = '/';
+ p++;
+ strcpy(p, file_sep);
+ filename = path;
+ } else {
+ char *p;
+ p = realpath(filename, path);
+ if (!p) {
+ syslog(LOG_ERR,"realpath(%s) failed %s\n", filename, strerror(errno));
+ return;
+ }
+ filename = p;
+ }
+ if (matchpathcon(filename, st.st_mode, &scontext) < 0) { + if (matchpathcon(filename, st.st_mode, &scontext) < 0) {
+ if (errno == ENOENT) + if (errno == ENOENT)
+ return; + return;
@ -958,7 +925,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.
+#endif +#endif
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.30/scripts/fixfiles diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.30/scripts/fixfiles
--- nsapolicycoreutils/scripts/fixfiles 2006-01-04 13:07:46.000000000 -0500 --- nsapolicycoreutils/scripts/fixfiles 2006-01-04 13:07:46.000000000 -0500
+++ policycoreutils-1.30/scripts/fixfiles 2006-03-17 23:29:02.000000000 -0500 +++ policycoreutils-1.30/scripts/fixfiles 2006-03-20 15:50:23.000000000 -0500
@@ -124,7 +124,15 @@ @@ -124,7 +124,15 @@
exit $? exit $?
fi fi
@ -966,7 +933,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policyc
- ${RESTORECON} ${OUTFILES} ${FORCEFLAG} -R $1 -v $DIRS 2>&1 >> $LOGFILE - ${RESTORECON} ${OUTFILES} ${FORCEFLAG} -R $1 -v $DIRS 2>&1 >> $LOGFILE
+ if [ -x /usr/bin/find ]; then + if [ -x /usr/bin/find ]; then
+ for d in ${DIRS} ; do find $d \ + for d in ${DIRS} ; do find $d \
+ ! \( -fstype ext2 -o -fstype ext3 -o -fstype jfs -o -fstype xfs \) -prune -o -print; \ + ! \( -fstype ext2 -o -fstype ext3 -o -fstype jfs -o -fstype xfs \) -prune -o -print | \
+ ${RESTORECON} ${OUTFILES} ${FORCEFLAG} $1 -v -f - 2>&1 >> $LOGFILE + ${RESTORECON} ${OUTFILES} ${FORCEFLAG} $1 -v -f - 2>&1 >> $LOGFILE
+ done + done
+ else + else
@ -979,20 +946,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policyc
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.30/semanage/seobject.py diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.30/semanage/seobject.py
--- nsapolicycoreutils/semanage/seobject.py 2006-03-10 09:48:05.000000000 -0500 --- nsapolicycoreutils/semanage/seobject.py 2006-03-10 09:48:05.000000000 -0500
+++ policycoreutils-1.30/semanage/seobject.py 2006-03-17 23:29:02.000000000 -0500 +++ policycoreutils-1.30/semanage/seobject.py 2006-03-17 23:29:02.000000000 -0500
@@ -229,10 +229,9 @@
if rc < 0:
raise ValueError("Could not set name for %s" % name)
- if serange != "":
- rc = semanage_seuser_set_mlsrange(self.sh, u, serange)
- if rc < 0:
- raise ValueError("Could not set MLS range for %s" % name)
+ rc = semanage_seuser_set_mlsrange(self.sh, u, serange)
+ if rc < 0:
+ raise ValueError("Could not set MLS range for %s" % name)
rc = semanage_seuser_set_sename(self.sh, u, sename)
if rc < 0:
@@ -549,7 +548,7 @@ @@ -549,7 +548,7 @@
raise ValueError("Could not list roles for user %s" % name) raise ValueError("Could not list roles for user %s" % name)
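Review bot: The new syslog call on the `st.st_nlink > 1` branch appends `strerror(errno)` although no call has failed at that point — the preceding lstat() just succeeded — so the message reports whatever stale errno was left behind and will mislead anyone triaging these refusals. Drop the errno text: `syslog(LOG_ERR, "Will not restore a file with more than one hard link (%s)\n", filename);`. The removed branch also canonicalised the parent directory with realpath() before matchpathcon(); with it gone the path is used as supplied, so whether a symlinked component can still steer the relabel now depends on how the caller builds filename and on the labelling call further down, both outside this hunk — a one-line comment stating that lstat() rather than stat() is deliberate so symlinks are never followed would make that contract explicit. The enclosing function starts and ends outside the hunk.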


@ -5,7 +5,7 @@
Summary: SELinux policy core utilities. Summary: SELinux policy core utilities.
Name: policycoreutils Name: policycoreutils
Version: 1.30 Version: 1.30
Release: 2 Release: 3
License: GPL License: GPL
Group: System Environment/Base Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz