Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 315077 Details for
Bug 420783
games-fps/{quake3,openarena,tremulous}: symlink attack (CVE-2012-3345)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
[PATCH 1/2] CVE-2012-3345: write ioq3.pid to home path, not temp directory
0001-CVE-2012-3345-write-ioq3.pid-to-home-path-not-temp-d.patch (text/plain), 1.03 KB, created by
Simon McVittie
on 2012-06-12 08:43:47 UTC
(
hide
)
Description:
[PATCH 1/2] CVE-2012-3345: write ioq3.pid to home path, not temp directory
Filename:
MIME Type:
Creator:
Simon McVittie
Created:
2012-06-12 08:43:47 UTC
Size:
1.03 KB
patch
obsolete
>From 443bdd8c3d6c92a0ad2d5f6da0aaead992e50f0d Mon Sep 17 00:00:00 2001 >From: Simon McVittie <smcv@debian.org> >Date: Mon, 11 Jun 2012 10:55:33 +0100 >Subject: [PATCH 1/2] CVE-2012-3345: write ioq3.pid to home path, not temp > directory > >On a multi-user system, an attacker could create a symbolic link >/tmp/ioq3.pid pointing to any file owned by a user who plays an >ioquake3-based game. When the victim runs ioquake3, the target file >will be overwritten and replaced with the process ID of ioquake3. > >To avoid this, write the pid to the home path (e.g. ~/.q3a on Unix). > >Signed-off-by: Simon McVittie <smcv@debian.org> >--- > code/sys/sys_main.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/code/sys/sys_main.c b/code/sys/sys_main.c >index ed00b65..dae8e8f 100644 >--- a/code/sys/sys_main.c >+++ b/code/sys/sys_main.c >@@ -140,7 +140,7 @@ Sys_PIDFileName > */ > static char *Sys_PIDFileName( void ) > { >- return va( "%s/%s", Sys_TempPath( ), PID_FILENAME ); >+ return va( "%s/%s", Sys_DefaultHomePath( ), PID_FILENAME ); > } > > /* >-- >1.7.10 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 420783
: 315077 |
315079