Martin Schulze wrote:
> > I'm not sure about
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3148,
> > which would require some more studying of the code.
>
> It's the chown call.
>
> It seems that the old version executed "chown uid gid link" which doesn't
> work. The new version executes "chown -h uid:gid link". My manpage doesn't
> document -h though.
Sounds correct, my manpage says:
-h, --no-dereference
affect each symbolic link instead of any referenced file (useful only on
systems that can change the ownership of a symlink)
However, I think that this hunk is missing for CAN-2005-3148:
diff -Naur storebackup-1.18.4/bin/storeBackupRecover.pl
storebackup-1.19/bin/storeBackupRecover.pl
--- storebackup-1.18.4/bin/storeBackupRecover.pl 2005-10-06
17:37:09.000000000 +0200
+++ storebackup-1.19/bin/storeBackupRecover.pl 2005-10-06 17:36:32.000000000
+0200
@@ -364,7 +371,7 @@
# geaendert, sondern die Datei, auf die er verweist.
# (dann muss lchown genommen werden -> Inkompatibilitaeten!?)
my $chown = forkProc->new('-exec' => 'chown',
- '-param' => [$uid, $gid,
+ '-param' => ['-h', "$uid:$gid",
"$targetFile"],
'-outRandom' => "$tmpdir/chown-",
'-prLog' => $prLog);
Otherwise permissions might be incorrectly restored.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
