recursive chowning fixes #10517

Merged
merged 4 commits into from Oct 26, 2018

Conversation

3 participants
@poettering
Member

poettering commented Oct 25, 2018

No description provided.

poettering added some commits Oct 19, 2018

chown-recursive: let's rework the recursive logic to use O_PATH
That way we can pin a specific inode and analyze it and manipulate it
without it being swapped out beneath our hands.

Fixes a vulnerability originally found by Jann Horn from Google.

CVE-2018-15687
LP: #1796692
https://bugzilla.redhat.com/show_bug.cgi?id=1639076

chown-recursive: also drop ACLs when recursively chown()ing
Let's better be safe than sorry and also drop ACLs.

@poettering poettering force-pushed the poettering:chown-rec-fixes branch from fd21db4 to cb9e44d Oct 26, 2018

@poettering

Member

poettering commented Oct 26, 2018

OK, I finally figured it out. Apparently on the Ubuntu kernel/filesystem chmod() on /proc/self/fd/ when it is a symlink will fail, while on my Fedora kernel/btrfs it succeeds (though has no effect). Let's simply skip the chmod() for symlinks since that has no effect anyway. That's what the new version I just force pushed does. That's the only change.

Since the change is so minimal to the earlier version that already was green-labelled, taking the liberty to green-label this one again.
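The two ideas in this PR, pinning each inode with an O_PATH descriptor from the first commit and skipping chmod() for symlinks from the comment above, as an added example in C. This is not code from the systemd PR or the systemd tree: function names (chown_recursive, apply_to_fd, demo_chown_recursive) are mine, it assumes Linux with /proc mounted (chmod() on an O_PATH descriptor has to go through /proc/self/fd/), the self-check builds a constructed tree under /tmp, and the ACL dropping from the second commit is left out.

```c
// Added example, not code from the systemd PR: recursive chown/chmod that pins
// each inode with an O_PATH fd before inspecting or modifying it. Assumes Linux
// with /proc mounted (chmod() on an O_PATH fd goes through /proc/self/fd/);
// the ACL dropping from the second commit is omitted here.
#define _GNU_SOURCE
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
#ifndef O_PATH                 /* safety net if _GNU_SOURCE was not in effect */
#define O_PATH 010000000       /* Linux value on x86/arm/riscv */
#endif
#ifndef AT_EMPTY_PATH
#define AT_EMPTY_PATH 0x1000
#endif

/* Apply uid/gid and mode to the inode pinned by `fd` (an O_PATH fd). */
static int apply_to_fd(int fd, const struct stat *st, uid_t uid, gid_t gid, mode_t mode) {
    /* AT_EMPTY_PATH targets the pinned inode itself: a concurrent rename or
     * symlink swap in the tree cannot redirect the chown to another file. */
    if (fchownat(fd, "", uid, gid, AT_EMPTY_PATH) < 0) return -errno;
    /* Symlink modes are ignored on Linux, and chmod() via /proc on a symlink
     * fails on some kernels, so symlinks are skipped, as the PR's fix does. */
    if (S_ISLNK(st->st_mode)) return 0;
    /* fchmod() rejects O_PATH fds; the /proc magic link resolves to the pinned
     * inode rather than re-walking the original path, so it is safe here. */
    char proc_path[64];
    snprintf(proc_path, sizeof proc_path, "/proc/self/fd/%d", fd);
    return chmod(proc_path, mode) < 0 ? -errno : 0;
}

/* Recurse into the directory pinned by O_PATH fd `dfd` (caller keeps ownership). */
static int chown_recursive_fd(int dfd, uid_t uid, gid_t gid, mode_t mode) {
    /* Reopen the pinned inode (not the path) to get a readable directory fd. */
    int rfd = openat(dfd, ".", O_RDONLY | O_DIRECTORY | O_CLOEXEC);
    if (rfd < 0) return -errno;
    DIR *d = fdopendir(rfd);                      /* takes ownership of rfd */
    if (!d) { int e = errno; close(rfd); return -e; }
    int r = 0;
    for (;;) {
        errno = 0;
        struct dirent *de = readdir(d);
        if (!de) { r = errno ? -errno : 0; break; }
        if (!strcmp(de->d_name, ".") || !strcmp(de->d_name, "..")) continue;
        /* O_PATH: no open(2) side effects on FIFOs/devices. O_NOFOLLOW: a symlink
         * planted in the tree is handled as a symlink, never followed. */
        int fd = openat(dirfd(d), de->d_name, O_PATH | O_NOFOLLOW | O_CLOEXEC);
        if (fd < 0) { r = -errno; break; }
        struct stat st;
        if (fstat(fd, &st) < 0)                   /* inspect the fd, never the path */
            r = -errno;
        else if (S_ISDIR(st.st_mode))
            r = chown_recursive_fd(fd, uid, gid, mode);   /* children first */
        if (r == 0) r = apply_to_fd(fd, &st, uid, gid, mode);
        close(fd);
        if (r < 0) break;
    }
    closedir(d);
    return r;
}

/* Chown/chmod `path` and everything below it. Returns 0 or a negative errno. */
int chown_recursive(const char *path, uid_t uid, gid_t gid, mode_t mode) {
    int fd = open(path, O_PATH | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return -errno;
    struct stat st;
    int r = fstat(fd, &st) < 0 ? -errno : 0;
    if (r == 0 && S_ISDIR(st.st_mode)) r = chown_recursive_fd(fd, uid, gid, mode);
    if (r == 0) r = apply_to_fd(fd, &st, uid, gid, mode);
    close(fd);
    return r;
}

/* Self-check on a constructed tree: a subdirectory, a regular file, and a symlink
 * pointing at a file outside the tree. Chowning to our own uid/gid is allowed
 * unprivileged, so the observable change is the 0700 mode. Returns 0 on success;
 * a positive code identifies the failing step. */
int demo_chown_recursive(void) {
    char root[] = "/tmp/chownrec-XXXXXX", outside[] = "/tmp/chownrec-out-XXXXXX";
    if (!mkdtemp(root)) return 1;
    int ofd = mkstemp(outside);                   /* created 0600; must stay 0600 */
    if (ofd < 0) return 2;
    close(ofd);
    char sub[64], file[64], link[64];
    snprintf(sub, sizeof sub, "%s/sub", root);
    snprintf(file, sizeof file, "%s/sub/file", root);
    snprintf(link, sizeof link, "%s/link", root);
    if (mkdir(sub, 0755) < 0) return 3;
    int ffd = open(file, O_WRONLY | O_CREAT | O_EXCL, 0644);
    if (ffd < 0) return 4;
    close(ffd);
    if (symlink(outside, link) < 0) return 5;
    if (chown_recursive(root, geteuid(), getegid(), 0700) != 0) return 6;
    struct stat st;
    if (stat(file, &st) < 0 || (st.st_mode & 07777) != 0700) return 7;
    if (stat(sub, &st) < 0 || (st.st_mode & 07777) != 0700) return 8;
    if (stat(outside, &st) < 0 || (st.st_mode & 07777) != 0600) return 9; /* link not followed */
    unlink(link); unlink(file); rmdir(sub); rmdir(root); unlink(outside);
    return 0;
}
```

The important property is that every decision (is this a directory? a symlink?) and every modification is made on the same descriptor: once the O_PATH fd is open, the path is never re-walked, so an attacker who swaps a directory for a symlink between the check and the chown changes nothing about what the descriptor refers to. The symlink skip in apply_to_fd is the one-line change the comment above describes.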

@poettering poettering merged commit dc81f52 into systemd:master Oct 26, 2018

5 of 8 checks passed

bionic-amd64 autopkgtest: running
bionic-arm64 autopkgtest: running
bionic-i386 autopkgtest: running
Fedora Rawhide CI x86_64 rpm build: succeeded
LGTM analysis: C/C++: no alert changes
LGTM analysis: JavaScript: no code changes detected
bionic-s390x autopkgtest: finished (success)
semaphoreci: the build passed on Semaphore
@carnil


carnil commented Oct 27, 2018

Cross-reference from MITRE database: CVE-2018-15687
