Hello community, here is the log from the commit of package openvas-manager for openSUSE:Factory checked in at Mon May 2 14:20:53 CEST 2011.
-------- --- openvas-manager/openvas-manager.changes 2011-03-03 01:57:28.000000000 +0100 +++ /mounts/work_src_done/STABLE/openvas-manager/openvas-manager.changes 2011-04-22 13:26:13.000000000 +0200 @@ -1,0 +2,9 @@ +Fri Apr 22 10:12:32 UTC 2011 - [email protected] + +- Updated to 2.0.3 + * Enforces strict permissions on sensitive OpenVAS Manager files. + * Drop privileges before executing report format plugins if running with + elevated privileges. + * Ensures report formats are trusted before executing them. + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- openvas-manager-2.0.2.tar.gz New: ---- debian.series openvas-manager-2.0.3-install.patch openvas-manager-2.0.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openvas-manager.spec ++++++ --- /var/tmp/diff_new_pack.kzOMe9/_old 2011-05-02 14:18:36.000000000 +0200 +++ /var/tmp/diff_new_pack.kzOMe9/_new 2011-05-02 14:18:36.000000000 +0200 @@ -19,9 +19,9 @@ Name: openvas-manager -Version: 2.0.2 +Version: 2.0.3 Release: 1 -License: GNU GPL v2 or later +License: GPLv2+ Group: Productivity/Networking/Security Url: http://www.openvas.org Source0: %{name}-%{version}.tar.gz @@ -30,6 +30,7 @@ Source3: openvasmd.init.suse Source4: openvasmd.init.fedora Source5: openvasmd.init.mandriva +Patch0: openvas-manager-2.0.3-install.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %if 0%{?fedora_version} || 0%{?scientificlinux_version} @@ -64,6 +65,7 @@ %prep %setup -q +%patch0 %build %if 0%{?mandriva_version} @@ -163,7 +165,6 @@ %doc CHANGES README %config(noreplace) %{_sysconfdir}/logrotate.d/openvas-manager %dir %{_sysconfdir}/openvas -#config(noreplace) %{_sysconfdir}/openvas/openvasmd %config(noreplace) %{_sysconfdir}/openvas/openvasmd_log.conf %{_initrddir}/openvas-manager %{_sbindir}/openvasmd @@ -171,6 +172,7 @@ %{_datadir}/openvas/openvasmd %dir %{_localstatedir}/lib/openvas %{_localstatedir}/lib/openvas/mgr +%{_localstatedir}/lib/openvas/openvasmd %dir %{_localstatedir}/log/openvas %ghost %{_localstatedir}/log/openvas/openvasmd.log ++++++ debian.changelog ++++++ --- /var/tmp/diff_new_pack.kzOMe9/_old 2011-05-02 14:18:36.000000000 +0200 +++ /var/tmp/diff_new_pack.kzOMe9/_new 2011-05-02 14:18:36.000000000 +0200 @@ -1,3 +1,13 @@ +openvas-manager (2.0.3-1) UNRELEASED; urgency=low + + * New upstream release. + - Enforces strict permissions on sensitive OpenVAS Manager files. + - Drop privileges before executing report format plugins if running with + elevated privileges. + - Ensures report formats are trusted before executing them. + + -- Stephan Kleine <[email protected]> Fri, 22 Apr 2011 12:13:53 +0200 + openvas-manager (2.0.2-1) UNRELEASED; urgency=low * New upstream release. ++++++ debian.openvas-manager.dirs ++++++ --- /var/tmp/diff_new_pack.kzOMe9/_old 2011-05-02 14:18:36.000000000 +0200 +++ /var/tmp/diff_new_pack.kzOMe9/_new 2011-05-02 14:18:36.000000000 +0200 @@ -1 +1,3 @@ +var/lib/openvas/mgr +var/lib/openvas/openvasmd/report_formats var/log/openvas ++++++ debian.series ++++++ openvas-manager-2.0.3-install.patch -p0 ++++++ openvas-manager-2.0.3-install.patch ++++++ Index: CMakeLists.txt =================================================================== --- CMakeLists.txt.orig 2011-04-15 15:30:03.000000000 +0200 +++ CMakeLists.txt 2011-04-22 12:29:06.124935838 +0200 @@ -257,7 +257,7 @@ enable_testing () ## Install -install (CODE "file (MAKE_DIRECTORY ${OPENVAS_STATE_DIR}/openvasmd/report_formats/)") +install (CODE "FILE(MAKE_DIRECTORY \$ENV{DESTDIR}${OPENVAS_STATE_DIR}/openvasmd/report_formats)") install (FILES ${CMAKE_BINARY_DIR}/src/openvasmd_log.conf DESTINATION ${OPENVAS_SYSCONF_DIR}) ++++++ openvas-manager-2.0.2.tar.gz -> openvas-manager-2.0.3.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.2/CHANGES new/openvas-manager-2.0.3/CHANGES --- old/openvas-manager-2.0.2/CHANGES 2011-03-02 15:21:27.000000000 +0100 +++ new/openvas-manager-2.0.3/CHANGES 2011-04-15 15:30:03.000000000 +0200 @@ -1,3 +1,34 @@ +openvas-manager 2.0.3 (2011-04-15) + +This is the third maintenance release of the openvas-manager 2.0 module for the +Open Vulnerability Assessment System release 4 (OpenVAS-4). The OpenVAS Manager +is the central management service between the actual security scanner and +various user clients. + +This release fixes a severe security issue discovered after the release of +openvas-manager 2.0.2. By crafting a special report format plugin, and knowing +about the operating system on which OpenVAS Manager is running, a rogue user +was able to upload the plugin and execute arbitrary code with the privileges of +the user running the OpenVAS Manager. + +This release enforces strict permissions on sensitive OpenVAS Manager files and +will drop privileges when executing report format plugins if it is running with +potentially dangerous privileges. Furthermore, it forces report formats to be +trusted before executing them. + +We strongly recommended upgrading existing installations of OpenVAS-4 to +openvas-manager 2.0.3. + +Many thanks to everyone who has contributed to this release: +Henri Doreau, Matthew Mundell, Michael Wiegand and Jan-Oliver Wagner. + +Main changes since 2.0.2: +* Enforces strict permissions on sensitive OpenVAS Manager files. +* Drop privileges before executing report format plugins if running with + elevated privileges. +* Ensures report formats are trusted before executing them. + + openvas-manager 2.0.2 (2011-03-02) This is the second maintenance release of the openvas-manager 2.0 module for the diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.2/CMakeLists.txt new/openvas-manager-2.0.3/CMakeLists.txt --- old/openvas-manager-2.0.2/CMakeLists.txt 2011-03-02 15:21:27.000000000 +0100 +++ new/openvas-manager-2.0.3/CMakeLists.txt 2011-04-15 15:30:03.000000000 +0200 @@ -78,7 +78,7 @@ set (CPACK_TOPLEVEL_TAG "") set (CPACK_PACKAGE_VERSION_MAJOR "2") set (CPACK_PACKAGE_VERSION_MINOR "0") -set (CPACK_PACKAGE_VERSION_PATCH "2${SVN_REVISION}") +set (CPACK_PACKAGE_VERSION_PATCH "3${SVN_REVISION}") set (CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}") set (CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") set (CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") @@ -257,62 +257,64 @@ ## Install +install (CODE "file (MAKE_DIRECTORY ${OPENVAS_STATE_DIR}/openvasmd/report_formats/)") + install (FILES ${CMAKE_BINARY_DIR}/src/openvasmd_log.conf DESTINATION ${OPENVAS_SYSCONF_DIR}) install (FILES src/report_formats/CPE/generate src/report_formats/CPE/CPE.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_report_formats/a0704abb-2120-489f-959f-251c9f4ffebd/ - PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ) + PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/HTML/generate src/report_formats/HTML/HTML.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_report_formats/b993b6f5-f9fb-4e6e-9c94-dd46c00e058d/ - PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ) + PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/ITG/generate src/report_formats/ITG/ITG.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_report_formats/929884c6-c2c4-41e7-befb-2f6aa163b458/ - PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ) + PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/LaTeX/generate src/report_formats/LaTeX/latex.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_report_formats/9f1ab17b-aaaa-411a-8c57-12df446f5588/ - PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ) + PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/NBE/generate src/report_formats/NBE/NBE.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_report_formats/f5c2a364-47d2-4700-b21d-0a7693daddab/ - PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ) + PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/PDF/generate src/report_formats/LaTeX/latex.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_report_formats/1a60a67e-97d0-4cbf-bc77-f71b08e7043d/ - PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ) + PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/TXT/generate src/report_formats/TXT/TXT.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_report_formats/19f6f1b3-7128-4433-888c-ccc764fe6ed5/ - PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ) + PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/report_formats/XML/generate DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_report_formats/d5da9f67-8551-4e51-807b-b6a873d70e34/ - PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ) + PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/schema_formats/HTML/generate src/schema_formats/RNC/rnc.xsl src/schema_formats/HTML/HTML.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_schema_formats/02052818-dab6-11df-9be4-002264764cea/ - PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ) + PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/schema_formats/RNC/generate src/schema_formats/RNC/rnc.xsl src/schema_formats/RNC/RNC.xsl DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_schema_formats/787a4a18-dabc-11df-9486-002264764cea/ - PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ) + PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) install (FILES src/schema_formats/XML/generate src/schema_formats/XML/OMP.xml DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_schema_formats/18e826fc-dab6-11df-b913-002264764cea/ - PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ) + PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) ## End diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.2/ChangeLog new/openvas-manager-2.0.3/ChangeLog --- old/openvas-manager-2.0.2/ChangeLog 2011-03-02 15:21:27.000000000 +0100 +++ new/openvas-manager-2.0.3/ChangeLog 2011-04-15 15:30:03.000000000 +0200 @@ -1,3 +1,101 @@ +2011-04-15 Michael Wiegand <[email protected]> + + Preparing the openvas-manager 2.0.3 release. + + * CHANGES: Updated. + +2011-04-15 Michael Wiegand <[email protected]> + + * src/manage_sql.c (delete_report_format): Free allocated char on + failure. + +2011-04-15 Michael Wiegand <[email protected]> + + Make predefined report formats always available. Adapted from trunk + from code committed by Matthew Mundell in r10777. + + * src/omp.c (omp_xml_handle_end_element): In OMP GET_REPORT_FORMATS + allow predefined formats always. + + * src/manage_sql.c (manage_report, manage_send_report): Allow predefined + formats always. + +2011-04-15 Michael Wiegand <[email protected]> + + Refuse to delete predefined report formats. Adapted from trunk from + code committed by Matthew Mundell in r10776. + + * src/manage_sql.c (delete_report_format): Fail if format is predefined. + (report_format_predefined): New function. + + * src/manage.h: Add header accordingly. + + * src/omp.c (omp_xml_handle_end_element): In CLIENT_GET_REPORTS remove + erroneous case and add predefined case. + +2011-04-15 Michael Wiegand <[email protected]> + + Require that format trust is "yes". Backport from trunk; initially + committed by Matthew Mundell in r10774. + + * src/manage_sql.c (manage_report, manage_send_report): Accept only + trusted report formats. + (report_format_trust): New function. + + * src/manage.h: Add header accordingly. + + * src/omp.c (omp_xml_handle_end_element): In CLIENT_GET_REPORTS check + report format trust. + +2011-04-15 Michael Wiegand <[email protected]> + + Drop privileges in report creation when running as root. Backport from + trunk; initially committed by Matthew Mundell in r10772. + + * CMakeLists.txt: Create the user report_formats directory, so that it's + world readable, for nobody. Make the predefined report formats world + readable, for nobody. + + * src/manage_sql.c (manage_report, manage_send_report): Drop to nobody + within the spawned command when running as root. This prevents the report + formats from having root access. + (create_report_format): Ensure that nobody can access the installed report + formats. + +2011-04-14 Michael Wiegand <[email protected]> + + * src/manage_sql.c (init_manage_process): Reduce permissions if they are + too loose. Backport from trunk; initially committed by Matthew Mundell + in r10762 and r10763. + +2011-04-14 Michael Wiegand <[email protected]> + + * src/openvasmd.c (main): Set very restrictive umask. Backport from + trunk; initially committed by Matthew Mundell in r10758. + +2011-03-31 Matthew Mundell <[email protected]> + + * src/manage_sql.c (find_report_format): Add a user check to the + constraint XML because multiple users can import the same report format. + Backport from trunk; initially committed in r10632. + +2011-03-31 Matthew Mundell <[email protected]> + + * src/manage_sql.c (migrate_37_to_38): Use "mv" to do the move, because + "rename" requires the dirs to be on the same file system. Backport from + trunk; initially committed in r10663. + +2011-03-08 Matthew Mundell <[email protected]> + + * src/manage_sql.c (delete_lsc_credential) + (init_lsc_credential_iterator): Check both credentials in targets. + +2011-03-02 Michael Wiegand <[email protected]> + + Post release version bump. + + * CMakeLists.txt: Updated version number. + 2011-03-02 Michael Wiegand <[email protected]> Preparing the openvas-manager 2.0.2 release. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.2/src/manage.h new/openvas-manager-2.0.3/src/manage.h --- old/openvas-manager-2.0.2/src/manage.h 2011-03-02 15:21:27.000000000 +0100 +++ new/openvas-manager-2.0.3/src/manage.h 2011-04-15 15:30:03.000000000 +0200 @@ -1553,6 +1553,9 @@ report_format_global (report_format_t); int +report_format_predefined (report_format_t); + +int report_format_active (report_format_t); void @@ -1641,6 +1644,9 @@ report_format_param_type_t report_format_param_type_from_name (const char *); +int +report_format_trust (report_format_t); + void init_report_format_param_iterator (iterator_t*, report_format_t, int, const char*); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.2/src/manage_sql.c new/openvas-manager-2.0.3/src/manage_sql.c --- old/openvas-manager-2.0.2/src/manage_sql.c 2011-03-02 15:21:27.000000000 +0100 +++ new/openvas-manager-2.0.3/src/manage_sql.c 2011-04-15 15:30:00.000000000 +0200 @@ -40,6 +40,7 @@ #include <ctype.h> #include <dirent.h> #include <errno.h> +#include <pwd.h> #include <sqlite3.h> #include <stdlib.h> #include <string.h> @@ -4194,7 +4195,6 @@ new_dir = g_build_filename (OPENVAS_STATE_DIR, "openvasmd", - "report_formats", NULL); if (g_mkdir_with_parents (new_dir, 0755 /* "rwxr-xr-x" */)) @@ -4213,17 +4213,51 @@ /* Ensure the old dir exists. */ g_mkdir_with_parents (old_dir, 0755 /* "rwxr-xr-x" */); - if (rename (old_dir, new_dir)) - { - g_warning ("%s: renaming %s to %s failed: %s\n", - __FUNCTION__, - old_dir, - new_dir, - strerror (errno)); - g_free (old_dir); - g_free (new_dir); - sql ("ROLLBACK;"); - } + { + gchar **cmd; + gchar *standard_out = NULL; + gchar *standard_err = NULL; + gint exit_status; + + cmd = (gchar **) g_malloc (4 * sizeof (gchar *)); + cmd[0] = g_strdup ("mv"); + cmd[1] = old_dir; + cmd[2] = new_dir; + cmd[3] = NULL; + g_debug ("%s: Spawning in .: %s %s %s\n", + __FUNCTION__, cmd[0], cmd[1], cmd[2]); + if ((g_spawn_sync (".", + cmd, + NULL, /* Environment. */ + G_SPAWN_SEARCH_PATH, + NULL, /* Setup function. */ + NULL, + &standard_out, + &standard_err, + &exit_status, + NULL) + == FALSE) + || (WIFEXITED (exit_status) == 0) + || WEXITSTATUS (exit_status)) + { + g_warning ("%s: failed rename: %d (WIF %i, WEX %i)", + __FUNCTION__, + exit_status, + WIFEXITED (exit_status), + WEXITSTATUS (exit_status)); + g_debug ("%s: stdout: %s\n", __FUNCTION__, standard_out); + g_debug ("%s: stderr: %s\n", __FUNCTION__, standard_err); + g_free (old_dir); + g_free (new_dir); + g_free (cmd[0]); + g_free (cmd); + sql ("ROLLBACK;"); + return -1; + } + + g_free (cmd[0]); + g_free (cmd); + } g_free (old_dir); g_free (new_dir); @@ -6234,6 +6268,24 @@ abort (); } + { + struct stat state; + stat (database ? database : OPENVAS_STATE_DIR "/mgr/tasks.db", &state); + if (state.st_mode & (S_IXUSR | S_IRWXG | S_IRWXO)) + { + g_warning ("%s: database permissions are too loose, repairing\n", + __FUNCTION__); + if (chmod (database ? database : OPENVAS_STATE_DIR "/mgr/tasks.db", + S_IRUSR | S_IWUSR)) + { + g_warning ("%s: chmod failed: %s\n", + __FUNCTION__, + strerror (errno)); + abort (); + } + } + } + #ifndef S_SPLINT_S /* Open the database. */ if (sqlite3_open (database ? database @@ -11979,6 +12031,10 @@ /* Print the report as XML to a file. */ + if ((report_format_predefined (report_format) == 0) + && (report_format_trust (report_format) != TRUST_YES)) + return NULL; + if (report_task (report, &task)) return NULL; @@ -12101,11 +12157,41 @@ /* Call the script. */ - command = g_strdup_printf ("/bin/sh %s %s > %s" - " 2> /dev/null", - script, - xml_file, - output_file); + if (getuid () == 0) + { + struct passwd *nobody; + + nobody = getpwnam ("nobody"); + if ((nobody == NULL) + || chown (xml_dir, nobody->pw_uid, nobody->pw_gid) + || chown (xml_file, nobody->pw_uid, nobody->pw_gid)) + { + g_warning ("%s: Failed to set dir permissions: %s\n", + __FUNCTION__, + strerror (errno)); + g_free (previous_dir); + g_free (script); + g_free (xml_file); + if (extension) g_free (*extension); + if (content_type) g_free (*content_type); + return NULL; + } + + command = g_strdup_printf ("/bin/sh -c \"su nobody" + " -c \\\"/bin/sh %s %s > %s" + " 2> /dev/null\\\"" + " > /dev/null 2>&1\"" + " > /dev/null 2>&1", + script, + xml_file, + output_file); + } + else + command = g_strdup_printf ("/bin/sh %s %s > %s" + " 2> /dev/null", + script, + xml_file, + output_file); g_free (script); g_debug (" command: %s\n", command); @@ -12245,6 +12331,10 @@ /* Print the report as XML to a file. */ + if ((report_format_predefined (report_format) == 0) + && (report_format_trust (report_format) != TRUST_YES)) + return -1; + if (report_task (report, &task)) return -1; @@ -12353,11 +12443,39 @@ /* Call the script. */ - command = g_strdup_printf ("/bin/sh %s %s > %s" - " 2> /dev/null", - script, - xml_file, - output_file); + if (getuid () == 0) + { + struct passwd *nobody; + + nobody = getpwnam ("nobody"); + if ((nobody == NULL) + || chown (xml_dir, nobody->pw_uid, nobody->pw_gid) + || chown (xml_file, nobody->pw_uid, nobody->pw_gid)) + { + g_warning ("%s: Failed to set dir permissions: %s\n", + __FUNCTION__, + strerror (errno)); + g_free (previous_dir); + g_free (script); + g_free (xml_file); + return -1; + } + + command = g_strdup_printf ("/bin/sh -c \"su nobody" + " -c \\\"/bin/sh %s %s > %s" + " 2> /dev/null\\\"" + " > /dev/null 2>&1\"" + " > /dev/null 2>&1", + script, + xml_file, + output_file); + } + else + command = g_strdup_printf ("/bin/sh %s %s > %s" + " 2> /dev/null", + script, + xml_file, + output_file); g_free (script); g_free (xml_file); @@ -18493,7 +18611,9 @@ sql ("BEGIN IMMEDIATE;"); if (sql_int (0, 0, - "SELECT count(*) FROM targets WHERE lsc_credential = %llu;", + "SELECT count(*) FROM targets" + " WHERE lsc_credential = %llu OR smb_lsc_credential = %llu;", + lsc_credential, lsc_credential)) { sql ("ROLLBACK;"); @@ -18608,6 +18728,8 @@ " public_key, private_key, rpm, deb, exe," " (SELECT count(*) > 0 FROM targets" " WHERE lsc_credential = lsc_credentials.ROWID)" + " + (SELECT count(*) > 0 FROM targets" + " WHERE smb_lsc_credential = lsc_credentials.ROWID)" " FROM lsc_credentials" " WHERE ROWID = %llu" " AND ((owner IS NULL) OR (owner =" @@ -18623,6 +18745,8 @@ " public_key, private_key, rpm, deb, exe," " (SELECT count(*) > 0 FROM targets" " WHERE lsc_credential = lsc_credentials.ROWID)" + " + (SELECT count(*) > 0 FROM targets" + " WHERE smb_lsc_credential = lsc_credentials.ROWID)" " FROM lsc_credentials" " WHERE ((owner IS NULL) OR (owner =" " (SELECT ROWID FROM users WHERE users.uuid = '%s')))" @@ -21541,9 +21665,14 @@ *report_format = 0; return FALSE; } + assert (current_credentials.uuid); switch (sql_int64 (report_format, 0, 0, - "SELECT ROWID FROM report_formats WHERE uuid = '%s';", - quoted_uuid)) + "SELECT ROWID FROM report_formats WHERE uuid = '%s'" + " AND ((owner IS NULL) OR (owner =" + " (SELECT users.ROWID FROM users" + " WHERE users.uuid = '%s')));", + quoted_uuid, + current_credentials.uuid)) { case 0: break; @@ -21809,6 +21938,45 @@ return -1; } + if (global == 0) + { + gchar *report_dir; + + /* glib seems to apply the mode to the first dir only. */ + + report_dir = g_build_filename (OPENVAS_STATE_DIR, + "openvasmd", + "report_formats", + current_credentials.uuid, + NULL); + + if (chmod (report_dir, 0755 /* rwxr-xr-x */)) + { + g_warning ("%s: chmod failed: %s\n", + __FUNCTION__, + strerror (errno)); + g_free (dir); + g_free (report_dir); + g_free (quoted_name); + sql ("ROLLBACK;"); + return -1; + } + + g_free (report_dir); + } + + /* glib seems to apply the mode to the first dir only. */ + if (chmod (dir, 0755 /* rwxr-xr-x */)) + { + g_warning ("%s: chmod failed: %s\n", + __FUNCTION__, + strerror (errno)); + g_free (dir); + g_free (quoted_name); + sql ("ROLLBACK;"); + return -1; + } + index = 0; while ((file_name = (gchar*) g_ptr_array_index (files, index++))) { @@ -21839,17 +22007,32 @@ error = NULL; g_file_set_contents (full_file_name, contents, contents_size, &error); g_free (contents); - g_free (full_file_name); if (error) { g_warning ("%s: %s", __FUNCTION__, error->message); g_error_free (error); file_utils_rmdir_rf (dir); + g_free (full_file_name); g_free (dir); g_free (quoted_name); sql ("ROLLBACK;"); return -1; } + + if (chmod (full_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)) + { + g_warning ("%s: chmod failed: %s\n", + __FUNCTION__, + strerror (errno)); + file_utils_rmdir_rf (dir); + g_free (full_file_name); + g_free (dir); + g_free (quoted_name); + sql ("ROLLBACK;"); + return -1; + } + + g_free (full_file_name); } /* Add format to database. */ @@ -22065,7 +22248,7 @@ * * @param[in] report_format Report format. * - * @return 0 success, -1 error. + * @return 0 success, 3 predefined report format, -1 error. */ int delete_report_format (report_format_t report_format) @@ -22082,6 +22265,13 @@ return -1; } + if (report_format_predefined (report_format)) + { + sql ("ROLLBACK;"); + free (uuid); + return 3; + } + if (report_format_global (report_format)) dir = g_build_filename (OPENVAS_DATA_DIR, "openvasmd", @@ -22391,6 +22581,30 @@ } /** + * @brief Return whether a report format is predefined. + * + * @param[in] report_format Report format. + * + * @return 1 if predefined, else 0. + */ +int +report_format_predefined (report_format_t report_format) +{ + return sql_int (0, 0, + "SELECT uuid = 'a0704abb-2120-489f-959f-251c9f4ffebd'" + " OR uuid = 'b993b6f5-f9fb-4e6e-9c94-dd46c00e058d'" + " OR uuid = '929884c6-c2c4-41e7-befb-2f6aa163b458'" + " OR uuid = '9f1ab17b-aaaa-411a-8c57-12df446f5588'" + " OR uuid = 'f5c2a364-47d2-4700-b21d-0a7693daddab'" + " OR uuid = '1a60a67e-97d0-4cbf-bc77-f71b08e7043d'" + " OR uuid = '19f6f1b3-7128-4433-888c-ccc764fe6ed5'" + " OR uuid = 'd5da9f67-8551-4e51-807b-b6a873d70e34'" + " FROM report_formats" + " WHERE ROWID = %llu;", + report_format); +} + +/** * @brief Return whether a report format is active. * * @param[in] report_format Report format. @@ -22659,6 +22873,21 @@ } /** + * @brief Return the trust of a report format. + * + * @param[in] report_format Report format. + * + * @return Trust: 1 yes, 2 no, 2 unknown. + */ +int +report_format_trust (report_format_t report_format) +{ + return sql_int (0, 0, + "SELECT trust FROM report_formats WHERE ROWID = %llu;", + report_format); +} + +/** * @brief Initialise a report format iterator. * * @param[in] iterator Iterator. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.2/src/omp.c new/openvas-manager-2.0.3/src/omp.c --- old/openvas-manager-2.0.2/src/omp.c 2011-03-02 15:21:27.000000000 +0100 +++ new/openvas-manager-2.0.3/src/omp.c 2011-04-15 15:30:03.000000000 +0200 @@ -8461,10 +8461,10 @@ case 0: SEND_TO_CLIENT_OR_FAIL (XML_OK ("delete_report_format")); break; - case 1: + case 3: SEND_TO_CLIENT_OR_FAIL (XML_ERROR_SYNTAX ("delete_report_format", - "Attempt to delete a hidden report" + "Attempt to delete a predefined report" " format")); break; default: @@ -8631,6 +8631,18 @@ set_client_state (CLIENT_AUTHENTIC); break; } + + if ((report_format_predefined (report_format) == 0) + && (report_format_trust (report_format) > 1)) + { + get_reports_data_reset (get_reports_data); + SEND_TO_CLIENT_OR_FAIL + (XML_ERROR_SYNTAX ("get_reports", + "GET_REPORTS report format must be predefined" + " or trusted")); + set_client_state (CLIENT_AUTHENTIC); + break; + } SEND_TO_CLIENT_OR_FAIL ("<get_reports_response" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.2/src/openvasmd.c new/openvas-manager-2.0.3/src/openvasmd.c --- old/openvas-manager-2.0.2/src/openvasmd.c 2011-03-02 15:21:27.000000000 +0100 +++ new/openvas-manager-2.0.3/src/openvasmd.c 2011-04-15 15:30:03.000000000 +0200 @@ -1092,6 +1092,10 @@ } tzset (); + /* Set umask to hoard created files, including the database. */ + + umask (S_IRGRP | S_IWGRP | S_IXGRP | S_IROTH | S_IWOTH | S_IXOTH); + /* Set GnuPG home directory. */ gnupg_home = g_build_filename (OPENVAS_SYSCONF_DIR, "gnupg/", NULL); ++++++ openvas-manager.dsc ++++++ --- /var/tmp/diff_new_pack.kzOMe9/_old 2011-05-02 14:18:37.000000000 +0200 +++ /var/tmp/diff_new_pack.kzOMe9/_new 2011-05-02 14:18:37.000000000 +0200 @@ -2,12 +2,12 @@ Source: openvas-manager Binary: openvas-manager Architecture: any -Version: 2.0.2-1 +Version: 2.0.3-1 Maintainer: Stephan Kleine <[email protected]> Homepage: http://www.openvas.org/ Standards-Version: 3.8.0 Build-Depends: debhelper (>= 5), cmake, doxygen, dpatch, hardening-wrapper, libopenvas4-dev, libsqlite3-dev, pkg-config Files: - 776ce4e1000137c9aec7863372c8c876 373800 openvas-manager-2.0.2.orig.tar.gz - 131e6720b0526ade9405eade0d9150ac 56625 openvas-manager-2.0.2.diff.gz + 776ce4e1000137c9aec7863372c8c876 373800 openvas-manager-2.0.3.orig.tar.gz + 131e6720b0526ade9405eade0d9150ac 56625 openvas-manager-2.0.3.diff.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
