This is the mail archive of the libc-hacker@sources.redhat.com mailing list for the glibc project.

Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]

[PATCH] Don't punish non-SUID/SGID programs (take 2)

To: Ulrich Drepper <drepper at redhat dot com>
Subject: [PATCH] Don't punish non-SUID/SGID programs (take 2)
From: Jakub Jelinek <jakub at redhat dot com>
Date: Wed, 10 Jan 2001 14:06:38 +0100
Cc: Glibc hackers <libc-hacker at sources dot redhat dot com>
References: <20010110115923.J525@sunsite.ms.mff.cuni.cz>
Reply-To: Jakub Jelinek <jakub at redhat dot com>

On Wed, Jan 10, 2001 at 11:59:23AM +0100, Jakub Jelinek wrote:
> The new access checks are IMHO too strict because they change the behaviour
> when those variables are set for non-SUID/SGID programs.
> Both memusage and SegFault try to create missing output file, but
> access (R_OK|W_OK) won't return 0 if the file is missing.
> I think we should keep the old behaviour for non-SUID/SGID programs and only
> require the user creates the file first when playing with SUID/SGID
> programs.

Oopsie, my last patch contained a bug which this version of the patch fixes
(sorry, the patch below was actually bootstrap checked), plus changes __access
in segfault.c to access (it is a separate library and
__access is not exported from libc, thus all attempts to preload
libSegFault.so would be failing).

2001-01-10  Jakub Jelinek  <jakub@redhat.com>

	* malloc/memusage.c (me): If not SUID/SGID, allow creating new
	$MEMUSAGE_OUTPUT file.
	* sysdeps/generic/segfault.c (segfault.c): If not SUID/SGID, allow
	creating new $SEGFAULT_OUTPUT_NAME file.

--- libc/malloc/memusage.c.jj	Mon Jan  8 19:07:14 2001
+++ libc/malloc/memusage.c	Wed Jan 10 12:23:43 2001
@@ -201,7 +201,7 @@ me (void)
     {
       const char *outname = getenv ("MEMUSAGE_OUTPUT");
       if (outname != NULL && outname[0] != '\0'
-	  && access (outname, R_OK | W_OK) == 0)
+	  && (!__libc_enable_secure || access (outname, R_OK | W_OK) == 0))
 	{
 	  fd = creat (outname, 0666);
 
--- libc/sysdeps/generic/segfault.c.jj	Wed Jan 10 12:02:54 2001
+++ libc/sysdeps/generic/segfault.c	Wed Jan 10 12:58:14 2001
@@ -237,6 +237,7 @@ install_handler (void)
 
   /* Preserve the output file name if there is any given.  */
   name = getenv ("SEGFAULT_OUTPUT_NAME");
-  if (name != NULL && name[0] != '\0' && __access (name, R_OK | W_OK) == 0)
+  if (name != NULL && name[0] != '\0'
+      && (!__libc_enable_secure || access (name, R_OK | W_OK) == 0))
     fname = __strdup (name);
 }


	Jakub

References:
- [PATCH] Don't punish non-SUID/SGID programs
  - From: Jakub Jelinek

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]