The JAIL module in RSBAC has been discovered to have a flaw in its checking to see if files should be created by a user. Because of this flaw, a program created by a user could create suid and sgid files using sys_creat, sys_open, and sys_mknod. A patch was created to address this issue. Bug was reported by Brad Spengler.
Reproducible: Always
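A regression check for the behaviour described in this report, as an added example that is not part of the original report or of the RSBAC patch: it tries each of the three creation paths named above with the setuid and setgid bits and counts how many of the resulting files kept the bit. The function names and the `/tmp` scratch directory are assumptions of the example.

```c
/* Added example: probe whether this process can create files carrying
 * setuid/setgid bits via creat(), open() and mknod(). */
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

enum method { VIA_CREAT, VIA_OPEN, VIA_MKNOD };

/* Returns 1 if the new file carries `bit`, 0 if creation was refused or the
 * bit was dropped, -1 if the created file could not be inspected. */
int probe(const char *path, enum method m, mode_t bit)
{
    mode_t mode = 0755 | bit;
    struct stat st;
    int fd = -1, rc = 0;

    unlink(path);                         /* start from a clean slate */
    switch (m) {
    case VIA_CREAT: rc = fd = creat(path, mode); break;
    case VIA_OPEN:  rc = fd = open(path, O_CREAT | O_EXCL | O_WRONLY, mode); break;
    case VIA_MKNOD: rc = mknod(path, S_IFREG | mode, 0); break;
    }
    if (fd >= 0) close(fd);
    if (rc < 0) return 0;                 /* creation refused */
    rc = (lstat(path, &st) == 0) ? ((st.st_mode & bit) != 0) : -1;
    unlink(path);
    return rc;
}

/* Runs all six method/bit combinations in a fresh scratch directory (path is
 * an assumption). Returns the number that kept a special bit, -1 on setup failure. */
int count_special_creations(void)
{
    char dir[] = "/tmp/jailprobe.XXXXXX", path[64];
    mode_t bits[] = { S_ISUID, S_ISGID };
    int hits = 0;

    if (!mkdtemp(dir)) return -1;
    snprintf(path, sizeof path, "%s/probe", dir);
    for (int m = VIA_CREAT; m <= VIA_MKNOD; m++)
        for (int b = 0; b < 2; b++)
            hits += (probe(path, (enum method)m, bits[b]) == 1);
    rmdir(dir);
    return hits;
}
```

Run inside the confined environment, a non-zero count means at least one creation path still produced a file with a special bit.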
Created attachment 34504: RSBAC JAIL module patch
rsbac-sources and rsbac-dev-sources both include v1.2.3-3 fix for JAIL bugs as of today.
Erroneously resolved the bug too early.
Which packages are affected by this? Only rsbac-sources and rsbac-dev-sources?
Yes, rsbac-sources and rsbac-dev-sources; both are masked in ~x86 and there never was a stable ebuild yet (it's too young), so no GLSA is normally needed.
GLSA 200407-02; http://article.gmane.org/gmane.linux.gentoo.announce/382; closing as FIXED.