| Field | Value |
|---|---|
| Summary | x11-apps/xinit-1.0.8-r8: insecure creation of /tmp/.noxdm |
| Product | Gentoo Linux |
| Reporter | Ambroz Bizjak <ambrop7> |
| Component | [OLD] Core system |
| Assignee | Gentoo Security <security> |
| Status | RESOLVED FIXED |
| Severity | normal |
| CC | arfrever, williamh |
| Priority | High |
| Version | unspecified |
| Hardware | All |
| OS | Linux |
| Whiteboard | C4 [noglsa] |
| Package list | |
| Runtime testing required | --- |
Description
Ambroz Bizjak
2009-10-06 15:12:39 UTC
All, suggestions for where to put this would be appreciated. I put it in /tmp to get it out of /etc/init.d, which is where livecd-tools was originally putting it. A change here will mean a change to livecd-tools as well to keep them consistent.

All, I have moved the .noxdm file to /etc. That is the only difference between -r8 and -r9, so you might want to fast track -r9 to stable. I have also updated bug #286308 for livecd-tools.

(In reply to comment #1)
> suggestions for where to put this would be appreciated.

I would suggest "/var/cache/xinit/.noxdm" or "/var/lib/xinit/.noxdm".

I went ahead and put this in /etc since other files like it (such as /etc/nologin) are also there.

The following code in x11-apps/xinit/files/xdm.initd-3 still allows anybody to force xdm startup to fail:

```sh
# /tmp is world-writable, so any local user can create /tmp/.noxdm
if [ -f /etc/init.d/.noxdm -o -f /tmp/.noxdm -o -f /etc/.noxdm ]; then
    einfo "Skipping ${EXE}, .noxdm found in /tmp, /etc/init.d or /etc"
    rm /etc/.noxdm /etc/init.d/.noxdm /tmp/.noxdm
    return 0
fi
```

This is fixed in -r10, you should be good to go to stable now.

William

(In reply to comment #5)
> I went ahead and put this in /etc since other files like it (such as
> /etc/nologin) are also there.

That doesn't sound like a good idea to me. Files in /etc should be maintained by the system administrator; files that change automatically during system boot or normal operation should go to /var, as arfrever suggested in comment #4. Well, there are some files in /etc violating this rule, but that isn't a good reason to repeat this mistake over and over. (And "/etc/nologin"¹ isn't even one of them, btw.) I'm not sure what's the best place in /var, but I'd suggest something like "/var/run/noxdm" (no dot, I see no need to hide it).

¹) Well, when you mentioned "/etc/nologin" I had another idea. Why not check for both "/var/run/noxdm" (or whatever we'll call it) and "/etc/noxdm" in "/etc/init.d/xdm", where the latter will never be created or removed by the system. This way admins may temporarily disable xdm without editing runlevels or bothering with boot options by creating "/etc/noxdm", much like "/etc/nologin" temporarily disables logins.

Arches, please test and mark stable:
=x11-apps/xinit-1.0.8-r10
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"

amd64/arm/x86 stable

Stable on alpha.

Stable for HPPA.

ia64/s390/sh/sparc stable

ppc stable

ppc64 done

I have a slight question, what's left to do on this bug?

We close it.

I'm not in security, but nothing that I see. We can look into moving the file to /var in another bug since that will also require modifying livecd-tools again.

William
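One way the init script could honour a "noxdm" flag only from locations an unprivileged user cannot write to, following the /etc/noxdm plus /var/run/noxdm split proposed in the thread. This is an added shell example, not code from the xinit ebuild or its init script; the function names, and passing the two directories as arguments instead of hard-coding /etc and /var/run, are assumptions made so the check can be exercised on scratch directories.

```shell
#!/bin/sh
# Added example: decide whether xdm should be skipped, honouring a flag file
# only when it sits somewhere an unprivileged local user cannot plant it.
# A real init script would call: should_skip_xdm /etc /var/run

# dir_world_writable DIR: true if any local user may create files in DIR
# (the /tmp problem). Reads the "other" write bit from ls(1) output so it
# does not depend on GNU stat.
dir_world_writable() {
    [ "$(ls -ld "$1" | cut -c9)" = "w" ]
}

# trusted_flag FILE: true if FILE is a regular file owned by the user running
# the check (root when run from an init script) and its directory is not
# world-writable. Either condition alone is not enough: a root-owned file in
# /tmp can be renamed away and replaced by anyone who can write the directory.
trusted_flag() {
    f=$1
    [ -f "$f" ] && [ -O "$f" ] && ! dir_world_writable "$(dirname "$f")"
}

# should_skip_xdm ETC_DIR RUN_DIR
# Returns 0 (skip xdm) when a trusted flag exists. ETC_DIR/noxdm is the
# administrator's persistent switch and is left untouched; RUN_DIR/noxdm is
# the one-shot flag set at boot (e.g. by livecd-tools) and is consumed.
should_skip_xdm() {
    etc_flag=$1/noxdm
    run_flag=$2/noxdm
    if trusted_flag "$etc_flag"; then
        echo "Skipping xdm: $etc_flag present"
        return 0
    fi
    if trusted_flag "$run_flag"; then
        echo "Skipping xdm: $run_flag present (removing one-shot flag)"
        rm -f "$run_flag"
        return 0
    fi
    return 1
}
```

A flag dropped into a 1777 directory such as /tmp is ignored, while the flag in the admin-owned directory survives the check and the run-time one is removed after use.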