Permalink
Browse files

create PID file before dropping privileges (CVE-2017-11746)

  • Loading branch information...
abarisani committed Aug 2, 2017
1 parent 2e637b5 commit 46b0148aa2706da21cd67ed9c4922ba897b50823
Showing with 8 additions and 17 deletions.
  1. +2 −6 tenshi
  2. +3 −4 tenshi.8
  3. +3 −3 tenshi.debian-init
  4. +0 −4 tenshi.openrc-init
View
8 tenshi
@@ -52,7 +52,6 @@ my $last_minute = 0;
my $sleep = 5;
my $mailtimeout = 10;
my $select_timeout = 1;
my $saved_pid = 0;
my $config_reinit = 1;
@@ -123,6 +122,7 @@ if ($listen) {
$SIG{'CHLD'} = sub { $debug && debug(5,'CHLD') ; print RED "[ERROR] child died, bailing out\n"; $time_to_die = 1; };
save_pid();
prepare_process();
#
@@ -258,8 +258,6 @@ if (!($debug || $profile || $foreground)) {
daemonize();
}
save_pid();
while (!$time_to_die) {
my $now = time;
my ($fh, $line);
@@ -306,7 +304,7 @@ while (!$time_to_die) {
}
# throttle down loop on void reads
unless ($line) { print("sleep\n"); sleep(1) };
unless ($line) { sleep(1) };
}
queues_flush();
@@ -1031,13 +1029,11 @@ sub save_pid {
open (PIDFILE,">$pid_file") or clean_up and die RED "[ERROR] could not open pid file $pid_file: $!\n";
print PIDFILE $$; $debug && debug(4,$$);
close PIDFILE;
$saved_pid = 1;
}
sub clean_up {
my $save = $!; # preserve $! for the call to die
local $SIG{CHLD} = 'IGNORE';
unlink $pid_file if $saved_pid;
if (scalar(@tail_pids) > 0) {
$debug && debug(21, join(' ', @tail_pids));
View
@@ -103,10 +103,9 @@ options and HUP tenshi it will die. You have been warned.
.TP
.I set uid tenshi
Specify the effective user ID of the process when in daemon mode. The user must
be able to read the selected log files, the configuration file and write the
specified pid file. Using a privileged user is discouraged as it is not usually
necessary (log files permissions can be set accordingly with most syslog
implementations).
be able to read the selected log files and the configuration file. Using a
privileged user is discouraged as it is not usually necessary (log files
permissions can be set accordingly with most syslog implementations).
.TP
.I set gid tenshi
Specify the effective group ID of the process when in daemon mode.
View
@@ -10,17 +10,17 @@ case "$1" in
;;
stop)
echo -n "Stopping log monitor: tenshi"
start-stop-daemon --stop --quiet --pidfile /var/run/tenshi/tenshi.pid
start-stop-daemon --stop --quiet --remove-pidfile --pidfile /var/run/tenshi.pid
echo "."
;;
reload)
echo -n "Reloading log monitor: tenshi"
kill -HUP `cat /var/lib/tenshi/tenshi.pid` &>/dev/null
kill -HUP `cat /var/run/tenshi.pid` &>/dev/null
echo "."
;;
restart)
echo -n "Stopping log monitor: tenshi"
start-stop-daemon --stop --quiet --pidfile /var/run/tenshi/tenshi.pid
start-stop-daemon --stop --quiet --remove-pidfile --pidfile /var/run/tenshi.pid
echo "."
sleep 1
echo -n "Starting log monitor: tenshi"
View
@@ -22,10 +22,6 @@ checkconfig() {
}
start_pre() {
# Ensure that the pidfile directory is writable by the tenshi
# user/group (as defined by default in the config file).
checkpath --directory --mode 0700 --owner tenshi:tenshi "${TENSHI_PIDDIR}"
# If this isn't a restart, make sure that the user's config isn't
# busted before we try to start the daemon (this will produce
# better error messages than if we just try to start it blindly).

3 comments on commit 46b0148

@orlitzky

This comment has been minimized.

Show comment
Hide comment
@orlitzky

orlitzky Aug 16, 2017

Contributor

Would you be willing to make a new release with this fix? I'd like to make the CVE public now that it's fixed, and distros will be happier if I can say with certainty that it's fixed in e.g. v0.16.

Contributor

orlitzky replied Aug 16, 2017

Would you be willing to make a new release with this fix? I'd like to make the CVE public now that it's fixed, and distros will be happier if I can say with certainty that it's fixed in e.g. v0.16.

@abarisani

This comment has been minimized.

Show comment
Hide comment
Contributor

abarisani replied Aug 17, 2017

@orlitzky

This comment has been minimized.

Show comment
Hide comment
@orlitzky

orlitzky Aug 17, 2017

Contributor

Awesome, thanks again.

Contributor

orlitzky replied Aug 17, 2017

Awesome, thanks again.

Please sign in to comment.