| 1 |
commit: 7d56e1b385a02eab7852a3f0677f9f0f63c93df2 |
| 2 |
Author: Michael Orlitzky <mjo <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Thu Aug 31 00:52:49 2017 +0000 |
| 4 |
Commit: Michael Orlitzky <mjo <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Thu Aug 31 00:52:49 2017 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7d56e1b3 |
| 7 |
|
| 8 |
app-admin/tenshi: new revision with tenshi.conf owned by root:root. |
| 9 |
|
| 10 |
The tenshi.conf file was owned by the "tenshi" user in previous |
| 11 |
revisions. This was open to exploitation because that conf file |
| 12 |
contains two important settings: |
| 13 |
|
| 14 |
1. The UID that the daemon will run as. |
| 15 |
2. The "tail" command to be run on the logfiles. |
| 16 |
|
| 17 |
If the "tenshi" user can write to it, he can specify an arbitrary |
| 18 |
command to be run as an arbitrary UID the next time the daemon is |
| 19 |
started. |
| 20 |
|
| 21 |
Thanks to Brian De Wolf for noticing the problem. |
| 22 |
|
| 23 |
Package-Manager: Portage-2.3.6, Repoman-2.3.1 |
| 24 |
|
| 25 |
app-admin/tenshi/{tenshi-0.16.ebuild => tenshi-0.16-r1.ebuild} | 1 - |
| 26 |
1 file changed, 1 deletion(-) |
| 27 |
|
| 28 |
diff --git a/app-admin/tenshi/tenshi-0.16.ebuild b/app-admin/tenshi/tenshi-0.16-r1.ebuild |
| 29 |
similarity index 96% |
| 30 |
rename from app-admin/tenshi/tenshi-0.16.ebuild |
| 31 |
rename to app-admin/tenshi/tenshi-0.16-r1.ebuild |
| 32 |
index 5ea26981d82..45059dc892f 100644 |
| 33 |
--- a/app-admin/tenshi/tenshi-0.16.ebuild |
| 34 |
+++ b/app-admin/tenshi/tenshi-0.16-r1.ebuild |
| 35 |
@@ -32,7 +32,6 @@ src_prepare() { |
| 36 |
|
| 37 |
src_install() { |
| 38 |
emake DESTDIR="${D}" install |
| 39 |
- fowners tenshi:root /etc/tenshi/tenshi.conf |
| 40 |
doman tenshi.8 |
| 41 |
newinitd tenshi.openrc-init tenshi |
Archives