rpms/util-linux/F-7 util-linux-2.12a-mount-lockperm.patch, NONE, 1.1 util-linux.spec, 1.154, 1.155
Karel Zak (kzak)
fedora-extras-commits at redhat.com
Thu Aug 2 09:22:52 UTC 2007
- Previous message (by thread): rpms/system-config-securitylevel/F-7 system-config-securitylevel-1.7.0-desktopfile.patch, NONE, 1.1 system-config-securitylevel-1.7.0-disable.patch, NONE, 1.1 system-config-securitylevel-1.7.0-dirty.patch, 1.2, 1.3 system-config-securitylevel.spec, 1.97, 1.98
- Next message (by thread): fedora-security/audit fc6,1.226,1.227
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: kzak
Update of /cvs/pkgs/rpms/util-linux/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8236
Modified Files:
util-linux.spec
Added Files:
util-linux-2.12a-mount-lockperm.patch
Log Message:
* Thu Aug 2 2007 Karel Zak <kzak at redhat.com> 2.13-0.53
- fix #236848 - mount/fstab.c:lock_mtab() should open with proper permissions
util-linux-2.12a-mount-lockperm.patch:
--- NEW FILE util-linux-2.12a-mount-lockperm.patch ---
From: Flávio Leitner <fleitner at redhat.com>
Subject: mount should set proper permissions on locktime
When creating the "/etc/mtab~" lockfile (specifically 'linktargetfile' in the
lock_mtab function), the file is created with incorrect permissions ('000')
which necessitates root to leverage CAP_DAC_OVERRIDE. If proper file modes (it
would appear 0600 would be sufficient) were used in the open this would
function properly with CAP_DAC_OVERRIDE revoked.
--- util-linux-2.12a/mount/fstab.c.kzak 2007-07-31 12:13:26.000000000 +0200
+++ util-linux-2.12a/mount/fstab.c 2007-07-31 12:13:11.000000000 +0200
@@ -433,7 +433,7 @@
linktargetfile = xmalloc(strlen(MOUNTLOCK_LINKTARGET) + 20);
sprintf(linktargetfile, MOUNTLOCK_LINKTARGET, getpid ());
- i = open (linktargetfile, O_WRONLY|O_CREAT, 0);
+ i = open (linktargetfile, O_WRONLY|O_CREAT, S_IRUSR|S_IWUSR);
if (i < 0) {
int errsv = errno;
/* linktargetfile does not exist (as a file)
Index: util-linux.spec
===================================================================
RCS file: /cvs/pkgs/rpms/util-linux/F-7/util-linux.spec,v
retrieving revision 1.154
retrieving revision 1.155
diff -u -r1.154 -r1.155
--- util-linux.spec 10 Jul 2007 09:55:56 -0000 1.154
+++ util-linux.spec 2 Aug 2007 09:22:19 -0000 1.155
@@ -9,7 +9,7 @@
Summary: A collection of basic system utilities.
Name: util-linux
Version: 2.13
-Release: 0.52%{?dist}
+Release: 0.53%{?dist}
License: distributable
Group: System Environment/Base
@@ -257,10 +257,9 @@
Patch268: util-linux-2.13-mount-loop.patch
# 213253: "cal -3" generates improperly formatted output
Patch269: util-linux-2.13-cal-3.patch
+# 236848 - mount/fstab.c:lock_mtab() should open with proper permissions
+Patch270: util-linux-2.12a-mount-lockperm.patch
-# When adding patches, please make sure that it is easy to find out what bug # the
-# patch fixes.
-########### END upstreamable
%description
The util-linux package contains a large variety of low-level system
@@ -365,6 +364,7 @@
%patch267 -p1
%patch268 -p1
%patch269 -p1
+%patch270 -p1
%build
unset LINGUAS || :
@@ -778,6 +778,9 @@
/sbin/losetup
%changelog
+* Thu Aug 2 2007 Karel Zak <kzak at redhat.com> 2.13-0.53
+- fix #236848 - mount/fstab.c:lock_mtab() should open with proper permissions
+
* Mon Jul 9 2007 Karel Zak <kzak at redhat.com> 2.13-0.52
- fix #245578 - login's PAM configuration inits the keyring at an inconvenient time
- fix #231532 - "pamconsole" not documented in mount(8)
- Previous message (by thread): rpms/system-config-securitylevel/F-7 system-config-securitylevel-1.7.0-desktopfile.patch, NONE, 1.1 system-config-securitylevel-1.7.0-disable.patch, NONE, 1.1 system-config-securitylevel-1.7.0-dirty.patch, 1.2, 1.3 system-config-securitylevel.spec, 1.97, 1.98
- Next message (by thread): fedora-security/audit fc6,1.226,1.227
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list