* Fri Mar 17 2006 Dan Walsh <dwalsh@redhat.com> 1.30-3

- Fixes for restorecond attack via symlinks
- Fixes for fixfiles
This commit is contained in:
Daniel J Walsh 2006-03-20 21:24:16 +00:00
parent 2fc100201a
commit b0a7b268a9
2 changed files with 9 additions and 56 deletions


@ -77,8 +77,8 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
+.BR restorecon (8),
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.c policycoreutils-1.30/restorecond/restorecond.c
--- nsapolicycoreutils/restorecond/restorecond.c 1969-12-31 19:00:00.000000000 -0500
+++ policycoreutils-1.30/restorecond/restorecond.c 2006-03-17 23:56:29.000000000 -0500
@@ -0,0 +1,469 @@
+++ policycoreutils-1.30/restorecond/restorecond.c 2006-03-20 15:57:28.000000000 -0500
@@ -0,0 +1,436 @@
+/*
+ * restorecond
+ *
@ -240,44 +240,11 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/restorecond.
+
+ if (lstat(filename, &st)!=0) return;
+
+ if (S_ISLNK(st.st_mode)) {
+ char *p = NULL, *file_sep;
+ char *tmp_path = strdupa(filename);
+ size_t len=0;
+ if (!tmp_path) {
+ exitApp("Out of Memory");
+ }
+ file_sep = strrchr(tmp_path, '/');
+ if(file_sep)
+ {
+ *file_sep = 0;
+ file_sep++;
+ p = realpath(tmp_path, path);
+ }
+ else {
+ file_sep = tmp_path;
+ p = realpath("./", path);
+ }
+ if(p)
+ len = strlen(p);
+ if (!p || len + strlen(file_sep) + 2 > PATH_MAX) {
+ syslog(LOG_ERR,"realpath(%s) failed %s\n", filename, strerror(errno));
+ if (st.st_nlink > 1) {
+ syslog(LOG_ERR,"Will not restore a file with more than one hard link (%s) %s\n", filename,strerror(errno));
+ return;
+ }
+ p += len;
+ *p = '/';
+ p++;
+ strcpy(p, file_sep);
+ filename = path;
+ } else {
+ char *p;
+ p = realpath(filename, path);
+ if (!p) {
+ syslog(LOG_ERR,"realpath(%s) failed %s\n", filename, strerror(errno));
+ return;
+ }
+ filename = p;
+ }
+
+ if (matchpathcon(filename, st.st_mode, &scontext) < 0) {
+ if (errno == ENOENT)
+ return;
@ -958,7 +925,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/restorecond/utmpwatcher.
+#endif
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policycoreutils-1.30/scripts/fixfiles
--- nsapolicycoreutils/scripts/fixfiles 2006-01-04 13:07:46.000000000 -0500
+++ policycoreutils-1.30/scripts/fixfiles 2006-03-17 23:29:02.000000000 -0500
+++ policycoreutils-1.30/scripts/fixfiles 2006-03-20 15:50:23.000000000 -0500
@@ -124,7 +124,15 @@
exit $?
fi
@ -966,7 +933,7 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policyc
- ${RESTORECON} ${OUTFILES} ${FORCEFLAG} -R $1 -v $DIRS 2>&1 >> $LOGFILE
+ if [ -x /usr/bin/find ]; then
+ for d in ${DIRS} ; do find $d \
+ ! \( -fstype ext2 -o -fstype ext3 -o -fstype jfs -o -fstype xfs \) -prune -o -print; \
+ ! \( -fstype ext2 -o -fstype ext3 -o -fstype jfs -o -fstype xfs \) -prune -o -print | \
+ ${RESTORECON} ${OUTFILES} ${FORCEFLAG} $1 -v -f - 2>&1 >> $LOGFILE
+ done
+ else
@ -979,20 +946,6 @@ diff --exclude-from=exclude -N -u -r nsapolicycoreutils/scripts/fixfiles policyc
diff --exclude-from=exclude -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-1.30/semanage/seobject.py
--- nsapolicycoreutils/semanage/seobject.py 2006-03-10 09:48:05.000000000 -0500
+++ policycoreutils-1.30/semanage/seobject.py 2006-03-17 23:29:02.000000000 -0500
@@ -229,10 +229,9 @@
if rc < 0:
raise ValueError("Could not set name for %s" % name)
- if serange != "":
- rc = semanage_seuser_set_mlsrange(self.sh, u, serange)
- if rc < 0:
- raise ValueError("Could not set MLS range for %s" % name)
+ rc = semanage_seuser_set_mlsrange(self.sh, u, serange)
+ if rc < 0:
+ raise ValueError("Could not set MLS range for %s" % name)
rc = semanage_seuser_set_sename(self.sh, u, sename)
if rc < 0:
@@ -549,7 +548,7 @@
raise ValueError("Could not list roles for user %s" % name)
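Review bot: The hard-link refusal added at `if (st.st_nlink > 1)` in the restorecond.c hunk logs `strerror(errno)` although nothing has failed at that point — the preceding lstat() succeeded — so the message will carry a stale or unrelated errno text. Drop the errno argument: `syslog(LOG_ERR,"Will not restore a file with more than one hard link (%s)\n", filename);`. The check only reflects the inode at the instant of the lstat(); the relabel that follows matchpathcon() is outside this hunk, and if it still works on the path rather than the lstat'd inode, the window between lstat() and the set call remains, which deserves a short comment at the check such as `/* path-based: inode may change between lstat() and the relabel */`. The enclosing function starts and ends outside the hunk.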


@ -5,7 +5,7 @@
Summary: SELinux policy core utilities.
Name: policycoreutils
Version: 1.30
Release: 2
Release: 3
License: GPL
Group: System Environment/Base
Source: http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz