
upload: validate and sanitize uploaded dump directories #955

Merged
merged 1 commit into from May 5, 2015

@jfilak jfilak commented Apr 20, 2015

It was discovered that, when moving problem reports from
/var/spool/abrt-upload to /var/spool/abrt or /var/tmp/abrt,
abrt-handle-upload does not verify that the new problem directory
has appropriate permissions and does not contain symbolic links. A
crafted problem report exposes other parts of abrt to attack, and
the abrt-handle-upload script allows overwriting arbitrary files.

Acknowledgement:

This issue was discovered by Florian Weimer of Red Hat Product Security.

Related: #1212953

Signed-off-by: Jakub Filak <jfilak@redhat.com>

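The check the commit message says was missing, written as an added example for this page (not abrt's own code): before an uploaded problem directory is moved into the spool, refuse it unless the directory and every element in it is a non-symlink owned by the expected user, with no group/world write bit. The checks run on an open descriptor with `dir_fd` and `O_NOFOLLOW` so a link swapped in after the check cannot redirect the later move. The size limit, the default uid and the sample element names are assumptions.

```python
import os
import stat
import tempfile

# Assumed limit, not a value from the abrt PR: problem elements are small text files.
MAX_ELEMENT_SIZE = 16 * 1024 * 1024


def validate_dump_dir(path, expected_uid=None):
    """Return the reasons why `path` must NOT be moved into the spool.

    An empty list means the upload passed. Uses O_NOFOLLOW|O_DIRECTORY and
    dir_fd-relative lstat so the checks apply to the inode that will be moved.
    """
    if expected_uid is None:
        expected_uid = os.getuid()  # assumption: the uploader runs as the spool owner
    problems = []
    try:
        fd = os.open(path, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW)
    except OSError as e:
        return ["cannot open as a directory without following links: %s" % e]
    try:
        st = os.fstat(fd)
        if st.st_uid != expected_uid:
            problems.append("directory owned by uid %d, expected %d" % (st.st_uid, expected_uid))
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            problems.append("directory is group/world writable")
        for name in os.listdir(fd):
            est = os.lstat(name, dir_fd=fd)  # lstat: a symlink reports as a link, not its target
            if stat.S_ISLNK(est.st_mode):
                problems.append("%s is a symbolic link" % name)
            elif not stat.S_ISREG(est.st_mode):
                problems.append("%s is not a regular file" % name)
            elif est.st_uid != expected_uid:
                problems.append("%s owned by uid %d" % (name, est.st_uid))
            elif est.st_nlink > 1:
                problems.append("%s has %d hard links" % (name, est.st_nlink))
            elif est.st_size > MAX_ELEMENT_SIZE:
                problems.append("%s exceeds the element size limit" % name)
    finally:
        os.close(fd)
    return problems


def build_samples():
    """Construct two sample uploads: a clean dump and one whose element is a symlink."""
    root = tempfile.mkdtemp(prefix="abrt-upload-example-")
    good = os.path.join(root, "ccpp-good")
    os.mkdir(good, 0o700)
    with open(os.path.join(good, "reason"), "w") as f:
        f.write("Process was killed by signal 11\n")
    bad = os.path.join(root, "ccpp-bad")
    os.mkdir(bad, 0o700)
    os.symlink("/etc/passwd", os.path.join(bad, "reason"))  # constructed hostile element
    return good, bad
```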
@jfilak jfilak force-pushed the abrt_upload_watch_sanitize branch from f65c2f4 to 3746b76 Compare April 21, 2015 05:28
jfilak commented Apr 21, 2015

Thank you @fweimer! I've amended the commit. Here is the old commit with comments: f65c2f4

mbrysa pushed a commit that referenced this pull request May 5, 2015
upload: validate and sanitize uploaded dump directories
@mbrysa mbrysa merged commit dc4d22e into master May 5, 2015
@jfilak jfilak deleted the abrt_upload_watch_sanitize branch June 11, 2015 07:59