diff options
Diffstat (limited to 'meta/recipes-core/coreutils/coreutils/CVE-2017-18018-2.patch')
-rw-r--r-- | meta/recipes-core/coreutils/coreutils/CVE-2017-18018-2.patch | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/meta/recipes-core/coreutils/coreutils/CVE-2017-18018-2.patch b/meta/recipes-core/coreutils/coreutils/CVE-2017-18018-2.patch new file mode 100644 index 0000000000..c8f5f54acf --- /dev/null +++ b/meta/recipes-core/coreutils/coreutils/CVE-2017-18018-2.patch | |||
@@ -0,0 +1,83 @@ | |||
1 | From bc2fd9796403e03bb757b064d44c22fab92e6842 Mon Sep 17 00:00:00 2001 | ||
2 | From: Michael Orlitzky <michael@orlitzky.com> | ||
3 | Date: Thu, 4 Jan 2018 11:38:21 -0500 | ||
4 | Subject: doc: warn about following symlinks recursively in chown/chgrp | ||
5 | |||
6 | In both chown and chgrp (which shares its code with chown), operating | ||
7 | on symlinks recursively has a window of vulnerability where the | ||
8 | destination user or group can change the target of the operation. | ||
9 | Warn about combining the --dereference, --recursive, and -L flags. | ||
10 | |||
11 | * doc/coreutils.texi (warnOptDerefWithRec): Add macro. | ||
12 | (node chown invocation): Add it to --dereference and -L. | ||
13 | (node chgrp invocation): Likewise. | ||
14 | |||
15 | See also: CVE-2017-18018 | ||
16 | CVE: CVE-2017-18018 | ||
17 | Upstream-Status: Backport from v8.30 | ||
18 | |||
19 | Signed-off-by: Michael Orlitzky <michael@orlitzky.com> | ||
20 | Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> | ||
21 | --- | ||
22 | doc/coreutils.texi | 17 +++++++++++++++++ | ||
23 | 1 file changed, 17 insertions(+) | ||
24 | |||
25 | diff --git a/doc/coreutils.texi b/doc/coreutils.texi | ||
26 | index 6bb9f09..9f5f95b 100644 | ||
27 | --- a/doc/coreutils.texi | ||
28 | +++ b/doc/coreutils.texi | ||
29 | @@ -1428,6 +1428,19 @@ a command line argument is a symbolic link to a directory, traverse it. | ||
30 | In a recursive traversal, traverse every symbolic link to a directory | ||
31 | that is encountered. | ||
32 | @end macro | ||
33 | + | ||
34 | +@c Append the following warning to -L where appropriate (e.g. chown). | ||
35 | +@macro warnOptDerefWithRec | ||
36 | + | ||
37 | +Combining this dereferencing option with the @option{--recursive} option | ||
38 | +may create a security risk: | ||
39 | +During the traversal of the directory tree, an attacker may be able to | ||
40 | +introduce a symlink to an arbitrary target; when the tool reaches that, | ||
41 | +the operation will be performed on the target of that symlink, | ||
42 | +possibly allowing the attacker to escalate privileges. | ||
43 | + | ||
44 | +@end macro | ||
45 | + | ||
46 | @choptL | ||
47 | |||
48 | @macro choptP | ||
49 | @@ -10995,6 +11008,7 @@ chown -h -R --from=OLDUSER NEWUSER / | ||
50 | @findex lchown | ||
51 | Do not act on symbolic links themselves but rather on what they point to. | ||
52 | This is the default when not operating recursively. | ||
53 | +@warnOptDerefWithRec | ||
54 | |||
55 | @item -h | ||
56 | @itemx --no-dereference | ||
57 | @@ -11051,6 +11065,7 @@ Recursively change ownership of directories and their contents. | ||
58 | @xref{Traversing symlinks}. | ||
59 | |||
60 | @choptL | ||
61 | +@warnOptDerefWithRec | ||
62 | @xref{Traversing symlinks}. | ||
63 | |||
64 | @choptP | ||
65 | @@ -11125,6 +11140,7 @@ changed. | ||
66 | @findex lchown | ||
67 | Do not act on symbolic links themselves but rather on what they point to. | ||
68 | This is the default when not operating recursively. | ||
69 | +@warnOptDerefWithRec | ||
70 | |||
71 | @item -h | ||
72 | @itemx --no-dereference | ||
73 | @@ -11180,6 +11196,7 @@ Recursively change the group ownership of directories and their contents. | ||
74 | @xref{Traversing symlinks}. | ||
75 | |||
76 | @choptL | ||
77 | +@warnOptDerefWithRec | ||
78 | @xref{Traversing symlinks}. | ||
79 | |||
80 | @choptP | ||
81 | -- | ||
82 | cgit v1.0-41-gc330 | ||
83 | |||