Bug 69147 - sys-apps/portage: Two symlink vulnerabilities in dispatch-conf
Summary: sys-apps/portage: Two symlink vulnerabilities in dispatch-conf
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All All
Importance: High normal
Assignee: Gentoo Security
Whiteboard: A3 [glsa] jaervosz
Depends on: 70282
Blocks: 68846
Reported: 2004-10-27 08:05 UTC by Jason Stubbs (RETIRED)
Modified: 2004-11-07 10:51 UTC (History)
Description Jason Stubbs (RETIRED) gentoo-dev 2004-10-27 08:05:51 UTC
The first vulnerability is due to the hard-coding of /tmp/dispatch-conf.changes. On startup this file is safely moved to dispatch-conf.changes.old if it exists, but a user can create a symlink between that time and when the log is first written to. Fixed it by making it a config option and disabling it by default.

The second vulnerability is created by dispatch-conf's use of "dispatch-conf.$(pidof dispatch-conf)" for its temporary files. Fixed this by safely creating a directory in and doing all work in there instead.

Changes are in CVS and will go out in portage-2.0.51-r3.
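
An added example, not part of the bug report and not the Portage code: a Python sketch of the two hazards described above, run inside a constructed sandbox directory that stands in for /tmp. The O_NOFOLLOW log open is an illustrative hardening chosen here (the fix described in the report made the log file a config option instead); function names are hypothetical and Linux errno behaviour is assumed.

```python
import errno
import os
import stat
import tempfile


def open_log_no_follow(path):
    """Open a log for appending, refusing to write through a symlink.

    With O_NOFOLLOW, open() fails (ELOOP on Linux) when the final path
    component is a symlink, so a link planted after the old log was moved
    aside is rejected instead of being followed.
    """
    flags = os.O_WRONLY | os.O_APPEND | os.O_CREAT | os.O_NOFOLLOW
    return os.fdopen(os.open(path, flags, 0o600), "a")


def make_work_dir(parent=None):
    """Create a private scratch directory with an unpredictable name.

    mkdtemp() creates the directory atomically with mode 0700, unlike a
    name derived from a PID, which another local user can guess in advance.
    """
    return tempfile.mkdtemp(prefix="dispatch-conf.", dir=parent)


def demo(sandbox):
    """Exercise both helpers; returns (refused, untouched, dir_mode)."""
    victim = os.path.join(sandbox, "victim.conf")
    with open(victim, "w") as f:
        f.write("original\n")
    # Constructed scenario: a symlink already sits at the predictable log path.
    log_path = os.path.join(sandbox, "dispatch-conf.changes")
    os.symlink(victim, log_path)
    try:
        open_log_no_follow(log_path).close()
        refused = False
    except OSError as e:
        refused = e.errno == errno.ELOOP
    with open(victim) as f:
        untouched = f.read() == "original\n"
    work = make_work_dir(parent=sandbox)
    return refused, untouched, stat.S_IMODE(os.stat(work).st_mode)


if __name__ == "__main__":
    print(demo(tempfile.mkdtemp()))
```

O_NOFOLLOW only checks the final path component, so it suits a log file placed directly in a sticky directory such as /tmp; the private directory is what protects every temporary file created afterwards.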
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-11-01 14:07:37 UTC
portage team please provide a patched ebuild.
Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-11-05 02:53:22 UTC
Using this bug for stable marking.

Arches please do not mark stable directly but test as per Nicholas' request below.

Snip from Nicholas aka carpaski on bug #69137 :

portage-2.0.51-r3 (dispatch-conf, sandbox, and dohtml-for-python2.2)

Arches please report back bugs/problems/success rather than
directly bumping for your arch.
Comment 3 Jochen Maes (RETIRED) gentoo-dev 2004-11-05 04:40:50 UTC
I'm running and testing for ppc
Comment 4 Gustavo Zacarias (RETIRED) gentoo-dev 2004-11-05 07:42:16 UTC
testing on sparc, so far so good.
Comment 5 Markus Rothe (RETIRED) gentoo-dev 2004-11-05 12:45:21 UTC
no problems on ppc64 so far...

Comment 6 Simon Stelling (RETIRED) gentoo-dev 2004-11-05 13:48:45 UTC
looks good so far on amd64
Comment 7 Bryan Østergaard (RETIRED) gentoo-dev 2004-11-05 15:42:40 UTC
Looks good on alpha.
Comment 8 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-11-07 03:20:52 UTC
thx carpaski:

[01:43:02] <carpaski> I kicked -r3 into stable.

Removing arches from CC.
Comment 9 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-11-07 04:28:49 UTC
Hmmm now dispatch-conf starts failing for me (u option).

Jason will you look into this?

diff: extra operand `/etc/piwi/Filters/._cfg0000_High'
diff: Try `diff --help' for more information.

>> (1 of 1) -- /etc/piwi/Filters/High severity.flt
>> q quit, h help, n next, e edit-new, z zap-new, u use-new
   m merge, t toggle-merge, l look-merge:
Traceback (most recent call last):
  File "/usr/sbin/dispatch-conf", line 309, in ?
    d.grind (portage.settings ['CONFIG_PROTECT'])
  File "/usr/sbin/dispatch-conf", line 208, in grind
    self.replace(newconf, conf ['current'])
  File "/usr/sbin/dispatch-conf", line 222, in replace
    os.system((DIFF_CONTENTS % (curconf, newconf)) + '>>' + self.config["log-file"])
AttributeError: dispatch instance has no attribute 'config'
Comment 10 Jason Stubbs (RETIRED) gentoo-dev 2004-11-07 04:51:19 UTC
Yep. Found and fixed.
Comment 11 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-11-07 08:10:46 UTC
Thx for the quick fix, you might wanna bump to r4.

This one is ready for GLSA
Comment 12 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2004-11-07 10:51:26 UTC
GLSA 200411-13