Permalink
Browse files

Local privilege escalation when using daemon mode. (CVE-2014-0240)

  • Loading branch information...
1 parent 4fbddb6 commit d9d5fea585b23991f76532a9b07de7fcd3b649f4 @GrahamDumpleton committed May 21, 2014
Showing with 13 additions and 0 deletions.
  1. +13 −0 mod_wsgi.c
View
@@ -10756,6 +10756,19 @@ static void wsgi_setup_access(WSGIDaemonProcess *daemon)
ap_log_error(APLOG_MARK, WSGI_LOG_ALERT(errno), wsgi_server,
"mod_wsgi (pid=%d): Unable to change to uid=%ld.",
getpid(), (long)daemon->group->uid);
+
+ /*
+ * On true UNIX systems this should always succeed at
+ * this point. With certain Linux kernel versions though
+ * we can get back EAGAIN where the target user had
+ * reached their process limit. In that case will be left
+ * running as wrong user. Just exit on all failures to be
+ * safe. Don't die immediately to avoid a fork bomb.
+ */
+
+ sleep(20);
+
+ exit(-1);
}
/*

0 comments on commit d9d5fea

Please sign in to comment.