On Mon, Jan 2, 2017 at 2:56 PM, Alan Evangelista <ala...@linux.vnet.ibm.com> wrote:
> Hi.
>
> Bug in Red Hat bug tracker: https://bugzilla.redhat.com/show_bug.cgi?id=742837
> Proposed patch: https://bugzilla.redhat.com/attachment.cgi?id=525972
>
> I see this patch is not applied upstream. Is there a reason to not do it?

Hello Alan,

the reason for the patch not being applied is that I believe the issue has been addressed by another patch and in a different way. I believe the topic has been brought up before and I've asked for proof that the issue persists. It's possible that the upstream patch is a fix-failed under certain conditions, e.g. Ubuntu sets a completely different umask.

Please, can you provide more information on whether the PID file is still exploitable and under which conditions?

Thank you.

Best regards,
Z.

``` commit 5ed7f6ac0a3c8ee433ea0a20be9554cbf98a4f51 Author: Zdenek Styblik <zdenek.styb...@gmail.com> Date: Tue Jan 24 13:26:56 2012 +0000 Fixes CVE-2011-4339 - world writeable PID file Adds proper umask() before writing PID file. diff --git a/ipmitool/src/ipmievd.c b/ipmitool/src/ipmievd.c index 6fe1537..f5a2613 100644 --- a/ipmitool/src/ipmievd.c +++ b/ipmitool/src/ipmievd.c @@ -746,6 +746,7 @@ ipmievd_main(struct ipmi_event_intf * eintf, int argc, char ** argv) } } + umask(022); fp = ipmi_open_file_write(pidfile); if (fp != NULL) { fprintf(fp, "%d\n", (int)getpid()); ```

>
> Regards,
> Alan Evangelista
>
> _______________________________________________
> Ipmitool-devel mailing list
> Ipmitool-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/ipmitool-devel
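
Review bot: the `umask(022);` added just before `fp = ipmi_open_file_write(pidfile);` only influences the mode of a file that is newly created, so a PID file left world-writable by an earlier run keeps its old permissions if the open reuses it. The call also discards the previous mask and, as far as this hunk shows, leaves 022 in force for everything the process creates afterwards. Suggest setting the mode explicitly on the opened file inside the `if (fp != NULL)` branch, e.g. `fchmod(fileno(fp), 0644)`, or removing a stale PID file before opening it, and keeping the old mask (`mode_t old = umask(022);`) so it can be restored after the write. The hunk adds no `#include`, so it is worth confirming that `<sys/stat.h>` is already pulled in for `umask()`.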