Open-Source-Software-Entwicklung und Downloads

Anzeigen 1.4.1 - Change Log

category(Tag) tree

file info

category(Tag)
Wurzel
dateiname
ccs-patch_1.4.1_-_Changes
letztes update
2007-06-05 14:55
typ
Plain Text
editor
Tetsuo Handa
beschreibung
1.4.1 - Change Log
sprache
English
translate
    @ Change argv[0] checking rule.

      I was comparing the basename of symbolic link's pathname and argv[0].
      Since execute permission check and domain transition are done
      based on realpath while argv[0] check is done based on the symlink's
      pathname and argv[0], this specification will allow attackers behave
      as /bin/cat in the domain of /bin/ls if "/bin/ls and /bin/cat are
      links to /sbin/busybox" and "the attacker is permitted to create 
      a symlink named ~/cat that points to /bin/ls" and "the attacker is
      permitted to run /bin/ls".
      So, I changed to compare the basename of realpath and argv[0].
      Also, I moved the location to compare before processing
      "aggregator" directive so that
      "aggregator /tmp/logrotate.\?\?\?\?\?\? /tmp/logrotate.tmp"
      won't cause the mismatch of the basename of realpath and argv[0].

      If /bin/ls is a symlink to /sbin/busybox, then
      creating a symlink named ~/cat that points to /bin/ls and
      executing ~/cat won't work as expected because permission check and
      domain transition are done using /sbin/busybox (realpath of /bin/ls)
      and will be rejected since the administrator won't grant
      "1 /sbin/busybox".

Fix 2007/05/07

    @ Support pathname subtraction.

      There was no way to exclude specific pathnames when granting
      permissions using wildcards.
      There would be a need to exclude specific files and directories.
      I introduced "\-" as subtraction operator.

        "A\-B" means "A" other than "B".
        "A\-B\-C" means "A" other than "B" and "C".
        "A\-B\-C\-D" means "A" other than "B" and "C" and "D".

      "A", "B", "C", "D" may contain wildcards.

      An example usage is "/home/\*/\*\-.ssh/\*", which means
      "/home/\*/\*/\*" other than "/home/\*/.ssh/\*".

      "A" should contain wildcards because subtraction from constants
      (e.g. "/usr\-usr/" or "/usr\-home/") is meaningless.

      Don't try "A\-B\+C" because "\+" is not addition operator.

Fix 2007/05/24

    @ Fix autobind hook.

      The location to call SAKURA_MayAutobind() in net/ipv4/udp.c
      and net/ipv6/udp.c were wrong.

Fix 2007/06/03

    @ Add a space in MakeMountOptions().

      I forgot to add a space after "atime" and "noatime".

Version 1.4.1 2007/06/05   Minor update release.