summaryrefslogtreecommitdiffstats
path: root/source/l/glibc/glibc.CVE-2013-2207.diff
diff options
context:
space:
mode:
Diffstat (limited to 'source/l/glibc/glibc.CVE-2013-2207.diff')
-rw-r--r--source/l/glibc/glibc.CVE-2013-2207.diff241
1 files changed, 0 insertions, 241 deletions
diff --git a/source/l/glibc/glibc.CVE-2013-2207.diff b/source/l/glibc/glibc.CVE-2013-2207.diff
deleted file mode 100644
index c43ccf5cd..000000000
--- a/source/l/glibc/glibc.CVE-2013-2207.diff
+++ /dev/null
@@ -1,241 +0,0 @@
-From 5d96012d9978efe4bad88a38e2efcbeada9f7585 Mon Sep 17 00:00:00 2001
-From: mancha <mancha1@hush.com>
-Date: Thu, 22 Aug 2013
-Subject: CVE-2013-2207, BZ #15755: Disable pt_chown.
-
-Using the setuid installed pt_chown and a weak check on whether a file
-descriptor is a tty, an attacker could fake a pty check using FUSE and
-trick pt_chown to grant ownership of a pty descriptor that the current
-user does not own. It cannot access /dev/pts/ptmx however.
-
-Pre-conditions for the attack:
-
- * Attacker with local user account
- * Kernel with FUSE support
- * "user_allow_other" in /etc/fuse.conf
- * Victim with allocated slave in /dev/pts
-
-In most modern distributions pt_chown is not needed because devpts
-is enabled by default. The fix for this CVE is to disable building
-and using pt_chown by default. We still provide a configure option
-to enable the use of pt_chown but distributions do so at their own
-risk.
-
----
-This patch was adapted for glibc 2.17 point release from:
-http://sourceware.org/git/?p=glibc.git;a=commit;h=e4608715e6e1
----
-
- INSTALL | 12 ++++++++++++
- config.h.in | 3 +++
- config.make.in | 1 +
- configure | 15 +++++++++++++++
- configure.in | 10 ++++++++++
- login/Makefile | 8 +++++++-
- manual/install.texi | 14 ++++++++++++++
- sysdeps/unix/grantpt.c | 8 +++++---
- sysdeps/unix/sysv/linux/grantpt.c | 5 +++--
- 9 files changed, 70 insertions(+), 6 deletions(-)
----
-
---- a/INSTALL
-+++ b/INSTALL
-@@ -128,6 +128,18 @@ will be used, and CFLAGS sets optimizati
- this can be prevented though there generally is no reason since it
- creates compatibility problems.
-
-+`--enable-pt_chown'
-+ The file `pt_chown' is a helper binary for `grantpt' (*note
-+ Pseudo-Terminals: Allocation.) that is installed setuid root to
-+ fix up pseudo-terminal ownership. It is not built by default
-+ because systems using the Linux kernel are commonly built with the
-+ `devpts' filesystem enabled and mounted at `/dev/pts', which
-+ manages pseudo-terminal ownership automatically. By using
-+ `--enable-pt_chown', you may build `pt_chown' and install it
-+ setuid and owned by `root'. The use of `pt_chown' introduces
-+ additional security risks to the system and you should enable it
-+ only if you understand and accept those risks.
-+
- `--build=BUILD-SYSTEM'
- `--host=HOST-SYSTEM'
- These options are for cross-compiling. If you specify both
---- a/config.h.in
-+++ b/config.h.in
-@@ -232,4 +232,7 @@
- /* The ARM hard-float ABI is being used. */
- #undef HAVE_ARM_PCS_VFP
-
-+/* The pt_chown binary is being built and used by grantpt. */
-+#undef HAVE_PT_CHOWN
-+
- #endif
---- a/config.make.in
-+++ b/config.make.in
-@@ -101,6 +101,7 @@ force-install = @force_install@
- link-obsolete-rpc = @link_obsolete_rpc@
- build-nscd = @build_nscd@
- use-nscd = @use_nscd@
-+build-pt-chown = @build_pt_chown@
-
- # Build tools.
- CC = @CC@
---- a/configure
-+++ b/configure
-@@ -653,6 +653,7 @@ multi_arch
- base_machine
- add_on_subdirs
- add_ons
-+build_pt_chown
- build_nscd
- link_obsolete_rpc
- libc_cv_nss_crypt
-@@ -759,6 +760,7 @@ enable_obsolete_rpc
- enable_systemtap
- enable_build_nscd
- enable_nscd
-+enable_pt_chown
- with_cpu
- '
- ac_precious_vars='build_alias
-@@ -1419,6 +1421,7 @@ Optional Features:
- --enable-systemtap enable systemtap static probe points [default=no]
- --disable-build-nscd disable building and installing the nscd daemon
- --disable-nscd library functions will not contact the nscd daemon
-+ --enable-pt_chown Enable building and installing pt_chown
-
- Optional Packages:
- --with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
-@@ -3933,6 +3936,18 @@ else
- use_nscd=yes
- fi
-
-+# Check whether --enable-pt_chown was given.
-+if test "${enable_pt_chown+set}" = set; then :
-+ enableval=$enable_pt_chown; build_pt_chown=$enableval
-+else
-+ build_pt_chown=no
-+fi
-+
-+
-+if test $build_pt_chown = yes; then
-+ $as_echo "#define HAVE_PT_CHOWN 1" >>confdefs.h
-+
-+fi
-
- # The way shlib-versions is used to generate soversions.mk uses a
- # fairly simplistic model for name recognition that can't distinguish
---- a/configure.in
-+++ b/configure.in
-@@ -315,6 +315,16 @@ AC_ARG_ENABLE([nscd],
- [use_nscd=$enableval],
- [use_nscd=yes])
-
-+AC_ARG_ENABLE([pt_chown],
-+ [AS_HELP_STRING([--enable-pt_chown],
-+ [Enable building and installing pt_chown])],
-+ [build_pt_chown=$enableval],
-+ [build_pt_chown=no])
-+AC_SUBST(build_pt_chown)
-+if test $build_pt_chown = yes; then
-+ AC_DEFINE(HAVE_PT_CHOWN)
-+fi
-+
- # The way shlib-versions is used to generate soversions.mk uses a
- # fairly simplistic model for name recognition that can't distinguish
- # i486-pc-linux-gnu fully from i486-pc-gnu. So we mutate a $host_os
---- a/login/Makefile
-+++ b/login/Makefile
-@@ -29,9 +29,15 @@ routines := getutent getutent_r getutid
-
- CFLAGS-grantpt.c = -DLIBEXECDIR='"$(libexecdir)"'
-
--others = utmpdump pt_chown
-+others = utmpdump
-+
-+include ../Makeconfig
-+
-+ifeq (yes,$(build-pt-chown))
-+others += pt_chown
- others-pie = pt_chown
- install-others-programs = $(inst_libexecdir)/pt_chown
-+endif
-
- subdir-dirs = programs
- vpath %.c programs
---- a/manual/install.texi
-+++ b/manual/install.texi
-@@ -155,6 +155,20 @@ if the used tools support it. By using
- prevented though there generally is no reason since it creates
- compatibility problems.
-
-+@pindex pt_chown
-+@findex grantpt
-+@item --enable-pt_chown
-+The file @file{pt_chown} is a helper binary for @code{grantpt}
-+(@pxref{Allocation, Pseudo-Terminals}) that is installed setuid root to
-+fix up pseudo-terminal ownership. It is not built by default because
-+systems using the Linux kernel are commonly built with the @code{devpts}
-+filesystem enabled and mounted at @file{/dev/pts}, which manages
-+pseudo-terminal ownership automatically. By using
-+@samp{--enable-pt_chown}, you may build @file{pt_chown} and install it
-+setuid and owned by @code{root}. The use of @file{pt_chown} introduces
-+additional security risks to the system and you should enable it only if
-+you understand and accept those risks.
-+
- @item --build=@var{build-system}
- @itemx --host=@var{host-system}
- These options are for cross-compiling. If you specify both options and
---- a/sysdeps/unix/grantpt.c
-+++ b/sysdeps/unix/grantpt.c
-@@ -173,9 +173,10 @@ grantpt (int fd)
- retval = 0;
- goto cleanup;
-
-- /* We have to use the helper program. */
-+ /* We have to use the helper program if it is available.. */
- helper:;
-
-+#ifdef HAVE_PT_CHOWN
- pid_t pid = __fork ();
- if (pid == -1)
- goto cleanup;
-@@ -190,9 +191,9 @@ grantpt (int fd)
- if (__dup2 (fd, PTY_FILENO) < 0)
- _exit (FAIL_EBADF);
-
--#ifdef CLOSE_ALL_FDS
-+# ifdef CLOSE_ALL_FDS
- CLOSE_ALL_FDS ();
--#endif
-+# endif
-
- execle (_PATH_PT_CHOWN, basename (_PATH_PT_CHOWN), NULL, NULL);
- _exit (FAIL_EXEC);
-@@ -231,6 +232,7 @@ grantpt (int fd)
- assert(! "getpt: internal error: invalid exit code from pt_chown");
- }
- }
-+#endif
-
- cleanup:
- if (buf != _buf)
---- a/sysdeps/unix/sysv/linux/grantpt.c
-+++ b/sysdeps/unix/sysv/linux/grantpt.c
-@@ -11,7 +11,7 @@
-
- #include "pty-private.h"
-
--
-+#if HAVE_PT_CHOWN
- /* Close all file descriptors except the one specified. */
- static void
- close_all_fds (void)
-@@ -38,6 +38,7 @@ close_all_fds (void)
- __dup2 (STDOUT_FILENO, STDERR_FILENO);
- }
- }
--#define CLOSE_ALL_FDS() close_all_fds()
-+# define CLOSE_ALL_FDS() close_all_fds()
-+#endif
-
- #include <sysdeps/unix/grantpt.c>