Hello community, here is the log from the commit of package lightdm for openSUSE:12.1:Update:Test checked in at 2011-11-17 16:51:00 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.1:Update:Test/lightdm (Old) and /work/SRC/openSUSE:12.1:Update:Test/.lightdm.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "lightdm", Maintainer is "" Changes: -------- --- /work/SRC/openSUSE:12.1:Update:Test/lightdm/lightdm.changes 2011-11-17 16:51:01.000000000 +0100 +++ /work/SRC/openSUSE:12.1:Update:Test/.lightdm.new/lightdm.changes 2011-11-17 16:51:02.000000000 +0100 @@ -1,0 +2,14 @@ +Tue Nov 15 16:29:15 UTC 2011 - [email protected] + +- fix .dmrc handling (CVE-2011-3153) [bnc#728627] + +------------------------------------------------------------------- +Thu Nov 10 08:53:40 UTC 2011 - [email protected] + +- added lightdm-remove-xauthority-ownership-fix.patch which removes + the code correcting the ownership of .Xauthority files, it is + still not secure and the buggy LightDM version writing + .Xauthority as root never was in a released openSUSE version + anyway (bnc#730062) + +------------------------------------------------------------------- New: ---- lightdm-CVE-2011-3153.patch lightdm-remove-xauthority-ownership-fix.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ lightdm.spec ++++++ --- /var/tmp/diff_new_pack.G2mhG4/_old 2011-11-17 16:51:02.000000000 +0100 +++ /var/tmp/diff_new_pack.G2mhG4/_new 2011-11-17 16:51:02.000000000 +0100 @@ -48,6 +48,10 @@ Patch5: lightdm-default-configuration.patch # PATCH-FIX-UPSTREAM lightdm-lock-screen-before-switch.patch [email protected] -- Try to lock the screen before switching users Patch7: lightdm-lock-screen-before-switch.patch +# PATCH-FIX-UPSTREAM lightdm-remove-xauthority-ownership-fix.patch [email protected] -- Remove the code correcting the ownership of .Xauthority files, it is still not secure and the buggy LightDM version writing .Xauthority as root never was in a released openSUSE version anyway +Patch8: lightdm-remove-xauthority-ownership-fix.patch +# PATCH-FIX-UPSTREAM lightdm-CVE-2011-3153.patch [email protected] -- fix vulnerability when reading .dmrc file +Patch9: lightdm-CVE-2011-3153.patch BuildRequires: pkgconfig(glib-2.0) BuildRequires: pkgconfig(xcb) BuildRequires: pkgconfig(xdmcp) @@ -173,6 +177,8 @@ %patch4 -p1 %patch5 -p1 %patch7 -p1 +%patch8 -p1 +%patch9 -p1 %build ./autogen.sh ++++++ lightdm-CVE-2011-3153.patch ++++++ Description: drop privileges before reading ~/.dmrc Author: Marc Deslauriers <[email protected]> Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/883865 Index: lightdm-1.0.6/src/dmrc.c =================================================================== --- lightdm-1.0.6.orig/src/dmrc.c +++ lightdm-1.0.6/src/dmrc.c @@ -24,7 +24,7 @@ dmrc_load (const gchar *username) User *user; GKeyFile *dmrc_file; gchar *path; - gboolean have_dmrc; + gboolean have_dmrc, drop_privileges; dmrc_file = g_key_file_new (); @@ -38,7 +38,14 @@ dmrc_load (const gchar *username) /* Load from the user directory, if this fails (e.g. the user directory * is not yet mounted) then load from the cache */ path = g_build_filename (user_get_home_directory (user), ".dmrc", NULL); + + /* Guard against privilege escalation through symlinks, etc. */ + drop_privileges = geteuid () == 0; + if (drop_privileges) + privileges_drop (user); have_dmrc = g_key_file_load_from_file (dmrc_file, path, G_KEY_FILE_KEEP_COMMENTS, NULL); + if (drop_privileges) + privileges_reclaim (); g_free (path); /* If no ~/.dmrc, then load from the cache */ ++++++ lightdm-remove-xauthority-ownership-fix.patch ++++++ # HG changeset patch # Parent 50fa5a8c7f9d9a5b15b246ab29b0fedd373d42d4 removed the code correcting the ownership of .Xauthority files, it is still not secure and the buggy LightDM version writing .Xauthrotiy as root never was in a released openSUSE version anyway diff --git a/src/xsession.c b/src/xsession.c --- a/src/xsession.c +++ b/src/xsession.c @@ -102,16 +102,6 @@ xsession_setup (Session *session) else { path = g_build_filename (user_get_home_directory (session_get_user (session)), ".Xauthority", NULL); - - /* Workaround the case where the authority file might have been - * incorrectly written as root in a buggy version of LightDM */ - if (getuid () == 0) - { - int result; - result = lchown (path, user_get_uid (session_get_user (session)), user_get_gid (session_get_user (session))); - if (result < 0 && errno != ENOENT) - g_warning ("Failed to correct ownership of %s: %s", path, strerror (errno)); - } } session_set_env (session, "XAUTHORITY", path); -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
