Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 801076 Details for
Bug 630752
app-admin/logcheck: root privilege escalation via "chown -R" in pkg_postinst
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Fix privilege escalation
logcheck.patch (text/plain), 1.33 KB, created by
Manuel Mommertz
on 2022-08-26 06:03:12 UTC
(
hide
)
Description:
Fix privilege escalation
Filename:
MIME Type:
Creator:
Manuel Mommertz
Created:
2022-08-26 06:03:12 UTC
Size:
1.33 KB
patch
obsolete
>diff --git a/app-admin/logcheck/files/logcheck.cron b/app-admin/logcheck/files/logcheck.cron >index 3b3f4fcf62bd..3ae685c2775c 100644 >--- a/app-admin/logcheck/files/logcheck.cron >+++ b/app-admin/logcheck/files/logcheck.cron >@@ -4,7 +4,7 @@ set -e > > if [ ! -d /var/lock/logcheck ]; then > mkdir -p /var/lock/logcheck >+ chown logcheck:logcheck /var/lock/logcheck > fi >-chown -R logcheck:logcheck /var/lock/logcheck > >-su -s /bin/bash -c /usr/sbin/logcheck logcheck >+/sbin/runuser -u logcheck -- nice -n10 /usr/sbin/logcheck >diff --git a/app-admin/logcheck/logcheck-1.3.23.ebuild b/app-admin/logcheck/logcheck-1.3.23-r1.ebuild >similarity index 91% >rename from app-admin/logcheck/logcheck-1.3.23.ebuild >rename to app-admin/logcheck/logcheck-1.3.23-r1.ebuild >index b278d75e832a..bfc5236aba5c 100644 >--- a/app-admin/logcheck/logcheck-1.3.23.ebuild >+++ b/app-admin/logcheck/logcheck-1.3.23-r1.ebuild >@@ -1,4 +1,4 @@ >-# Copyright 1999-2021 Gentoo Authors >+# Copyright 1999-2022 Gentoo Authors > # Distributed under the terms of the GNU General Public License v2 > > EAPI=7 >@@ -56,10 +56,10 @@ src_install() { > doexe "${FILESDIR}"/logcheck.cron > > readme.gentoo_create_doc >+ >+ fowners -R logcheck:logcheck /etc/logcheck /var/lib/logcheck || die > } > > pkg_postinst() { >- chown -R logcheck:logcheck /etc/logcheck /var/lib/logcheck || die >- > readme.gentoo_print_elog > }
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 630752
: 801076