Author: dannf
Date: Tue Sep 25 05:05:38 2007
New Revision: 9544
Log:
* bugfix/cifs-honor-umask.patch
[SECURITY] Make CIFS honor a process' umask
See CVE-2007-3740
Added:
dists/etch-security/linux-2.6/debian/patches/bugfix/cifs-honor-umask.patch
Modified:
dists/etch-security/linux-2.6/debian/changelog
dists/etch-security/linux-2.6/debian/patches/series/13etch3
Modified: dists/etch-security/linux-2.6/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6/debian/changelog (original)
+++ dists/etch-security/linux-2.6/debian/changelog Tue Sep 25 05:05:38 2007
@@ -10,8 +10,11 @@
[SECURITY] Prevent OOPS during stack expansion when the VMA crosses
into address space reserved for hugetlb pages.
See CVE-2007-3739
+ * bugfix/cifs-honor-umask.patch
+ [SECURITY] Make CIFS honor a process' umask
+ See CVE-2007-3740
- -- dann frazier <[EMAIL PROTECTED]> Fri, 21 Sep 2007 10:36:12 -0600
+ -- dann frazier <[EMAIL PROTECTED]> Mon, 24 Sep 2007 23:05:05 -0600
linux-2.6 (2.6.18.dfsg.1-13etch2) stable-security; urgency=high
Added:
dists/etch-security/linux-2.6/debian/patches/bugfix/cifs-honor-umask.patch
==============================================================================
--- (empty file)
+++ dists/etch-security/linux-2.6/debian/patches/bugfix/cifs-honor-umask.patch
Tue Sep 25 05:05:38 2007
@@ -0,0 +1,81 @@
+From: Steve French <[EMAIL PROTECTED]>
+Date: Fri, 8 Jun 2007 14:55:14 +0000 (+0000)
+Subject: [CIFS] CIFS should honour umask
+X-Git-Tag: v2.6.22-rc5~50^2
+X-Git-Url:
http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=3ce53fc4c57603d99c330a6ee2fe96d94f2d350f
+
+[CIFS] CIFS should honour umask
+
+This patch makes CIFS honour a process' umask like other filesystems.
+Of course the server is still free to munge the permissions if it wants
+to; but the client will send the "right" permissions to begin with.
+
+A few caveats:
+
+1) It only applies to filesystems that have CAP_UNIX (aka support unix
+extensions)
+2) It applies the correct mode to the follow up CIFSSMBUnixSetPerms()
+after remote creation
+
+When mode to CIFS/NTFS ACL mapping is complete we can do the
+same thing for that case for servers which do not
+support the Unix Extensions.
+
+Signed-off-by: Matt Keenen <[EMAIL PROTECTED]>
+Signed-off-by: Steve French <[EMAIL PROTECTED]>
+---
+
+Backported to Debian's 2.6.18 by dann frazier <[EMAIL PROTECTED]>
+
+diff -urpN linux-source-2.6.18.orig/fs/cifs/dir.c
linux-source-2.6.18/fs/cifs/dir.c
+--- linux-source-2.6.18.orig/fs/cifs/dir.c 2006-09-19 21:42:06.000000000
-0600
++++ linux-source-2.6.18/fs/cifs/dir.c 2007-09-24 22:49:29.509100350 -0600
+@@ -199,7 +199,8 @@ cifs_create(struct inode *inode, struct
+ /* If Open reported that we actually created a file
+ then we now have to set the mode if possible */
+ if ((cifs_sb->tcon->ses->capabilities & CAP_UNIX) &&
+- (oplock & CIFS_CREATE_ACTION))
++ (oplock & CIFS_CREATE_ACTION)) {
++ mode &= ~current->fs->umask;
+ if(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SET_UID) {
+ CIFSSMBUnixSetPerms(xid, pTcon, full_path, mode,
+ (__u64)current->fsuid,
+@@ -217,7 +218,7 @@ cifs_create(struct inode *inode, struct
+ cifs_sb->mnt_cifs_flags &
+ CIFS_MOUNT_MAP_SPECIAL_CHR);
+ }
+- else {
++ } else {
+ /* BB implement mode setting via Windows security
descriptors */
+ /* eg
CIFSSMBWinSetPerms(xid,pTcon,full_path,mode,-1,-1,local_nls);*/
+ /* could set r/o dos attribute if mode & 0222 == 0 */
+@@ -325,6 +326,7 @@ int cifs_mknod(struct inode *inode, stru
+ if(full_path == NULL)
+ rc = -ENOMEM;
+ else if (pTcon->ses->capabilities & CAP_UNIX) {
++ mode &= ~current->fs->umask;
+ if(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SET_UID) {
+ rc = CIFSSMBUnixSetPerms(xid, pTcon, full_path,
+
mode,(__u64)current->fsuid,(__u64)current->fsgid,
+diff -urpN linux-source-2.6.18.orig/fs/cifs/inode.c
linux-source-2.6.18/fs/cifs/inode.c
+--- linux-source-2.6.18.orig/fs/cifs/inode.c 2007-09-18 16:46:11.000000000
-0600
++++ linux-source-2.6.18/fs/cifs/inode.c 2007-09-24 22:50:34.825099389
-0600
+@@ -751,7 +751,8 @@ int cifs_mkdir(struct inode *inode, stru
+ d_instantiate(direntry, newinode);
+ if (direntry->d_inode)
+ direntry->d_inode->i_nlink = 2;
+- if (cifs_sb->tcon->ses->capabilities & CAP_UNIX)
++ if (cifs_sb->tcon->ses->capabilities & CAP_UNIX) {
++ mode &= ~current->fs->umask;
+ if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SET_UID) {
+ CIFSSMBUnixSetPerms(xid, pTcon, full_path,
+ mode,
+@@ -769,7 +770,7 @@ int cifs_mkdir(struct inode *inode, stru
+ cifs_sb->mnt_cifs_flags &
+ CIFS_MOUNT_MAP_SPECIAL_CHR);
+ }
+- else {
++ } else {
+ /* BB to be implemented via Windows secrty descriptors
+ eg CIFSSMBWinSetPerms(xid, pTcon, full_path, mode,
+ -1, -1, local_nls); */
Modified: dists/etch-security/linux-2.6/debian/patches/series/13etch3
==============================================================================
--- dists/etch-security/linux-2.6/debian/patches/series/13etch3 (original)
+++ dists/etch-security/linux-2.6/debian/patches/series/13etch3 Tue Sep 25
05:05:38 2007
@@ -1,3 +1,4 @@
+ bugfix/ptrace-handle-bogus-selector.patch
+ bugfix/fixup-trace_irq-breakage.patch
+ bugfix/prevent-stack-growth-into-hugetlb-region.patch
++ bugfix/cifs-honor-umask.patch
_______________________________________________
Kernel-svn-changes mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/kernel-svn-changes
