Author: archaic
Date: 2005-09-15 16:55:14 -0600 (Thu, 15 Sep 2005)
New Revision: 1123
Added:
trunk/util-linux/util-linux-2.12q-umount_fix-1.patch
Log:
Added patch to fix util-linux remount vulnerability.
Added: trunk/util-linux/util-linux-2.12q-umount_fix-1.patch
===================================================================
--- trunk/util-linux/util-linux-2.12q-umount_fix-1.patch 2005-09-15
21:32:49 UTC (rev 1122)
+++ trunk/util-linux/util-linux-2.12q-umount_fix-1.patch 2005-09-15
22:55:14 UTC (rev 1123)
@@ -0,0 +1,20 @@
+Submitted By: Archaic <archaic AT linuxfromscratch D0T org>
+Date: 2005-09-15
+Initial Package Version: 2.12q
+Upstream Status: Applying upstream
+Origin: upstream
+Description: Fixes a local priviledge escalation in umount where a user can
+ remount a partition to bypass the nosuid option
+
+diff -Naur util-linux-2.12q.orig/mount/umount.c util-linux-2.12q/mount/umount.c
+--- util-linux-2.12q.orig/mount/umount.c 2004-12-20 22:03:45.000000000
+0000
++++ util-linux-2.12q/mount/umount.c 2005-09-15 22:29:28.000000000 +0000
+@@ -714,7 +714,7 @@
+
+ if (getuid () != geteuid ()) {
+ suid = 1;
+- if (all || types || nomtab || force)
++ if (all || types || nomtab || force || remount)
+ die (2, _("umount: only root can do that"));
+ }
+
--
http://linuxfromscratch.org/mailman/listinfo/patches
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
