[Pkg-shadow-commits] r2449 - in upstream/trunk: . libmisc
nekral-guest at alioth.debian.org
nekral-guest at alioth.debian.org
Sat Nov 22 23:22:16 UTC 2008
Author: nekral-guest
Date: 2008-11-22 23:22:16 +0000 (Sat, 22 Nov 2008)
New Revision: 2449
Modified:
upstream/trunk/ChangeLog
upstream/trunk/NEWS
upstream/trunk/libmisc/chowntty.c
Log:
* NEWS, libmisc/chowntty.c: Fix a race condition that could lead to
gaining ownership or changing mode of arbitrary files.
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2008-11-22 23:20:11 UTC (rev 2448)
+++ upstream/trunk/ChangeLog 2008-11-22 23:22:16 UTC (rev 2449)
@@ -1,3 +1,8 @@
+2008-11-23 Nicolas François <nicolas.francois at centraliens.net>
+
+ * NEWS, libmisc/chowntty.c: Fix a race condition that could lead to
+ gaining ownership or changing mode of arbitrary files.
+
2008-10-11 Nicolas François <nicolas.francois at centraliens.net>
* man/gshadow.5.xml, man/shadow.5.xml, man/passwd.5.xml,
Modified: upstream/trunk/NEWS
===================================================================
--- upstream/trunk/NEWS 2008-11-22 23:20:11 UTC (rev 2448)
+++ upstream/trunk/NEWS 2008-11-22 23:22:16 UTC (rev 2449)
@@ -1,6 +1,6 @@
$Id$
-shadow-4.1.2.1 -> shadow-4.1.3 UNRELEASED
+shadow-4.1.2.2 -> shadow-4.1.3 UNRELEASED
*** general:
- packaging
@@ -59,6 +59,12 @@
* Allow adding LDAP users (or any user not present in the local passwd
file) to local groups
+shadow-4.1.2.1 -> shadow-4.1.2.2 23-11-2008
+
+*** security
+- Fix a race condition in login that could lead to gaining ownership or
+ changing mode of arbitrary files.
+
shadow-4.1.2 -> shadow-4.1.2.1 26-06-2008
*** security
Modified: upstream/trunk/libmisc/chowntty.c
===================================================================
--- upstream/trunk/libmisc/chowntty.c 2008-11-22 23:20:11 UTC (rev 2448)
+++ upstream/trunk/libmisc/chowntty.c 2008-11-22 23:22:16 UTC (rev 2449)
@@ -109,14 +109,14 @@
exit (1);
}
- if ( (chown (tty, info->pw_uid, gid) != 0)
- || (chmod (tty, getdef_num ("TTYPERM", 0600)) != 0)) {
+ if ( (fchown (STDIN_FILENO, info->pw_uid, gid) != 0)
+ || (fchmod (STDIN_FILENO, getdef_num ("TTYPERM", 0600)) != 0)) {
int err = errno;
- snprintf (buf, sizeof buf, _("Unable to change tty %s"), tty);
+ snprintf (buf, sizeof buf, _("Unable to change tty stdin"));
perror (buf);
SYSLOG ((LOG_WARN,
- "unable to change tty `%s' for user `%s'\n", tty,
+ "unable to change tty stdin for user `%s'\n",
info->pw_name));
closelog ();
More information about the Pkg-shadow-commits
mailing list