| Field | Value |
|---|---|
| Summary | sys-process/vixie-cron: check return code of setuid() |
| Product | Gentoo Security |
| Reporter | Eugene Ilkov <e.ilkov> |
| Component | Vulnerabilities |
| Assignee | Gentoo Security <security> |
| Status | RESOLVED FIXED |
| Severity | major |
| CC | cron-bugs+disabled, e.ilkov, ka0ttic |
| Priority | High |
| Version | unspecified |
| Hardware | All |
| OS | Linux |
| Whiteboard | A2? [glsa] |
| Package list | |
| Runtime testing required | --- |
| Attachments | do_command.c.patch (attachment 87472) |
Description (Eugene Ilkov, 2006-05-24 04:54:52 UTC)

ka0ttic please have a look and provide new ebuilds, thx

Created attachment 87472 [details, diff]
do_command.c.patch

Comment on attachment 87472 [details, diff]
do_command.c.patch

setgid() first

already posted in the forums. reassigning to maintainer, as this is more of an enhancement than exploitable bug.

it's pretty easy to exploit when the user is out of resources (they were vm/rss/nproc limits in /etc/security/limits.conf in my case): vixie-cron just runs commands from the user's spool with root privileges. it can be dangerous for hosting providers and everyone who gives access to cron.

(In reply to comment #5)
> reassigning to maintainer, as this is more of an enhancement than exploitable
> bug.
>
Eugene: ahh, I see what you mean. Re-taking bug.. cron team : please bump

Bumped myself with the patch of Eugene Ilkov (thanks!). Arches, please test and stable 4.1-r9, thanks

Stable on x86

alpha stable.

ppc stable

sparc stable.

stable on ppc64

amd64 stable.

stable on hppa

GLSA 200606-07

arm, ia64 and mips please don't forget to mark stable to benefit from the GLSA.

The mips team doth anoint this bug with the Mark of Stability +1.
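The failure mode the reporter describes (setuid() failing under a user's nproc limit while the job is still started as root) and the fix named in the summary, as an added C example that is neither vixie-cron's do_command.c nor the patch attached to this bug; the injected set*id function pointers and the test doubles are constructed for illustration:

```c
/* Added example, not code from vixie-cron or from the patch on this bug: a
 * privilege drop that checks every return code, so a job is never started
 * with the daemon's root identity when setuid() fails. On Linux setuid()
 * returns -1/EAGAIN when the target user is already at RLIMIT_NPROC, the
 * resource-exhaustion case the reporter describes. The set*id calls are
 * injected so the failure path can be exercised without root. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>
typedef int (*setgid_fn)(gid_t);
typedef int (*setuid_fn)(uid_t);

/* Log the failed call and return -1 with errno preserved for the caller. */
static int fail(const char *call, unsigned id)
{
    int saved = errno;
    fprintf(stderr, "%s(%u): %s\n", call, id, strerror(saved));
    errno = saved;
    return -1;
}

/* 0 on success, -1 on failure. The caller must not exec the job on -1. */
int drop_privileges_with(uid_t uid, gid_t gid,
                         setgid_fn do_setgid, setuid_fn do_setuid)
{
    /* Group first: once the UID is no longer 0, setgid() would itself fail. */
    if (do_setgid(gid) != 0)
        return fail("setgid", (unsigned)gid);
    /* The check the original code lacked: on failure we are still root. */
    if (do_setuid(uid) != 0)
        return fail("setuid", (unsigned)uid);
    /* Confirm the kernel really changed our identity before trusting it. */
    if (geteuid() != uid || getegid() != gid) {
        errno = EPERM;
        return fail("verify", (unsigned)uid);
    }
    return 0;
}

int drop_privileges(uid_t uid, gid_t gid)
{
    return drop_privileges_with(uid, gid, setgid, setuid);
}

/* Test doubles (constructed): a setgid() that succeeds without changing
 * anything, and a setuid() behaving as for a user at its RLIMIT_NPROC limit. */
int setgid_noop(gid_t gid) { (void)gid; return 0; }
int setuid_nproc_exhausted(uid_t uid) { (void)uid; errno = EAGAIN; return -1; }
```

Switching to the current user's own ids succeeds, while the injected EAGAIN failure is reported instead of being silently ignored.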