Slackware 13.37slackware-13.37

Mon Apr 25 13:37:00 UTC 2011
Slackware 13.37 x86_64 stable is released!

Thanks to everyone who pitched in on this release: the Slackware team,
the folks producing upstream code, and linuxquestions.org for providing
a great forum for collaboration and testing.

The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a
dual-sided
32-bit/64-bit x86/x86_64 DVD.  Please consider supporting the Slackware
project by picking up a copy from store.slackware.com.  We're taking
pre-orders now, and offer a discount if you sign up for a subscription.

As always, thanks to the Slackware community for testing, suggestions,
and feedback.  :-)

Have fun!

1 files changed, 139 insertions, 0 deletions

diff --git a/source/l/polkit/CVE-2011-1485/0001-PolkitUnixProcess-Clarify-that-the-real-uid-is-retur.patch b/source/l/polkit/CVE-2011-1485/0001-PolkitUnixProcess-Clarify-that-the-real-uid-is-retur.patch
new file mode 100644
index 000000000..9431056bc
--- /dev/null
+++ b/source/l/polkit/CVE-2011-1485/0001-PolkitUnixProcess-Clarify-that-the-real-uid-is-retur.patch
@@ -0,0 +1,139 @@
+From dd848a42a64a3b22a0cc60f6657b56ce9b6010ae Mon Sep 17 00:00:00 2001
+From: David Zeuthen <davidz@redhat.com>
+Date: Thu, 31 Mar 2011 12:59:09 -0400
+Subject: [PATCH 1/4] PolkitUnixProcess: Clarify that the real uid is
+ returned, not the effective one
+
+On Linux, also switch to parsing /proc/<pid>/status instead of relying
+on the st_uid returned by stat(2) to be the uid we want.
+
+This was pointed out by Neel Mehta <nmehta@google.com>. Thanks!
+
+Signed-off-by: David Zeuthen <davidz@redhat.com>
+---
+ src/polkit/polkitunixprocess.c |   66 ++++++++++++++++++++++++++++++----------
+ 1 files changed, 50 insertions(+), 16 deletions(-)
+
+diff --git a/src/polkit/polkitunixprocess.c b/src/polkit/polkitunixprocess.c
+index d95a1d4..876da69 100644
+--- a/src/polkit/polkitunixprocess.c
++++ b/src/polkit/polkitunixprocess.c
+@@ -24,9 +24,7 @@
+ #endif
+ 
+ #include <sys/types.h>
+-#ifndef HAVE_FREEBSD
+-#include <sys/stat.h>
+-#else
++#ifdef HAVE_FREEBSD
+ #include <sys/param.h>
+ #include <sys/sysctl.h>
+ #include <sys/user.h>
+@@ -34,6 +32,7 @@
+ #include <stdlib.h>
+ #include <string.h>
+ #include <errno.h>
++#include <stdio.h>
+ 
+ #include "polkitunixprocess.h"
+ #include "polkitsubject.h"
+@@ -208,6 +207,8 @@ polkit_unix_process_get_pid (PolkitUnixProcess *process)
+  *
+  * Gets the uid of the owner of @process.
+  *
++ * Note that this returns the real user-id (not the effective user-id) of @process.
++ *
+  * Returns: The UNIX user id of the owner for @process or 0 if @error is set.
+  **/
+ gint
+@@ -215,17 +216,21 @@ polkit_unix_process_get_owner (PolkitUnixProcess  *process,
+                                GError            **error)
+ {
+   gint result;
++  gchar *contents;
++  gchar **lines;
+ #ifdef HAVE_FREEBSD
+   struct kinfo_proc p;
+ #else
+-  struct stat statbuf;
+-  char procbuf[32];
++  gchar filename[64];
++  guint n;
+ #endif
+ 
+   g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), 0);
+   g_return_val_if_fail (error == NULL || *error == NULL, 0);
+ 
+   result = 0;
++  lines = NULL;
++  contents = NULL;
+ 
+ #ifdef HAVE_FREEBSD
+   if (get_kinfo_proc (process->pid, &p) == 0)
+@@ -241,23 +246,52 @@ polkit_unix_process_get_owner (PolkitUnixProcess  *process,
+ 
+   result = p.ki_uid;
+ #else
+-  g_snprintf (procbuf, sizeof procbuf, "/proc/%d", process->pid);
+-  if (stat (procbuf, &statbuf) != 0)
++
++  /* see 'man proc' for layout of the status file
++   *
++   * Uid, Gid: Real, effective, saved set,  and  file  system  UIDs (GIDs).
++   */
++  g_snprintf (filename, sizeof filename, "/proc/%d/status", process->pid);
++  if (!g_file_get_contents (filename,
++                            &contents,
++                            NULL,
++                            error))
+     {
+-      g_set_error (error,
+-                   POLKIT_ERROR,
+-                   POLKIT_ERROR_FAILED,
+-                   "stat() failed for /proc/%d: %s",
+-                   process->pid,
+-                   g_strerror (errno));
+       goto out;
+     }
++  lines = g_strsplit (contents, "\n", -1);
++  for (n = 0; lines != NULL && lines[n] != NULL; n++)
++    {
++      gint real_uid, effective_uid;
++      if (!g_str_has_prefix (lines[n], "Uid:"))
++        continue;
++      if (sscanf (lines[n] + 4, "%d %d", &real_uid, &effective_uid) != 2)
++        {
++          g_set_error (error,
++                       POLKIT_ERROR,
++                       POLKIT_ERROR_FAILED,
++                       "Unexpected line `%s' in file %s",
++                       lines[n],
++                       filename);
++          goto out;
++        }
++      else
++        {
++          result = real_uid;
++          goto out;
++        }
++    }
+ 
+-  result = statbuf.st_uid;
++  g_set_error (error,
++               POLKIT_ERROR,
++               POLKIT_ERROR_FAILED,
++               "Didn't find any line starting with `Uid:' in file %s",
++               filename);
+ #endif
+ 
+- out:
+-
++out:
++  g_strfreev (lines);
++  g_free (contents);
+   return result;
+ }
+ 
+-- 
+1.7.4.4
+