Gentoo Archives: gentoo-announce

From: Seemant Kulleen <seemant@g.o>
To: gentoo-announce@g.o, scoop@×××××××××.net
Subject: [gentoo-announce] GLSA: ppp
Date: Wed, 31 Jul 2002 09:29:56
Message-Id: 20020731072944.1b7dfcb7.seemant@gentoo.org
1 - -----------------------------------------------------------------------
2 GLSA: GENTOO LINUX SECURITY ANNOUNCEMENT
3 - -----------------------------------------------------------------------
4 PACKAGE : ppp -- net dialup/point-to-point protocol
5 SUMMARY : security vulnerability in symlink creation
6 DATE : Wed Jul 31 14:29:24 UTC 2002
7 - -----------------------------------------------------------------------
8
9 OVERVIEW
10
11 A race condition exists in the pppd program that may be exploited
12 in order to change the permissions of an arbitrary file.
13
14 DETAIL
15
16 >From the FreeBSD report:
17
18 The file specified as the tty device is opened by pppd, and the
19 permissions are recorded. If pppd fails to initialize the tty device in
20 some way (such as a failure of tcgetattr(3)), then pppd will then attempt
21 to restore the original permissions by calling chmod(2). The call to
22 chmod(2) is subject to a symlink race, so that the permissions may
23 `restored' on some other file.
24
25 The full advisory may be found here:
26 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02%3A32.pppd.asc
27
28 SOLUTION
29
30 It is recommended that all Gentoo Linux users who are running
31 net-dialup/ppp-2.4.1-r9 and earlier update their systems as follows.
32
33 emerge rsync
34 emerge ppp
35
36 - ------------------------------------------------------------------------
37 aliz@g.o
38 seemant@g.o
39 drobbins@g.o
40 - ------------------------------------------------------------------------
41
42
43 --
44 Seemant Kulleen
45 Developer and Project Co-ordinator,
46 Gentoo Linux http://www.gentoo.org/~seemant