diff options
Diffstat (limited to 'source/l/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch')
| -rw-r--r-- | source/l/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch | 623 |
1 files changed, 0 insertions, 623 deletions
diff --git a/source/l/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch b/source/l/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch deleted file mode 100644 index 81a163c6..00000000 --- a/source/l/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch +++ /dev/null @@ -1,623 +0,0 @@ -From 129b6223a19e7fb2753f8cad7957ac5402394076 Mon Sep 17 00:00:00 2001 -From: David Zeuthen <davidz@redhat.com> -Date: Fri, 1 Apr 2011 12:09:45 -0400 -Subject: [PATCH 2/4] Make PolkitUnixProcess also record the uid of the - process - -This is needed to avoid possible TOCTTOU issues since a process can -change both its real uid and effective uid. - -Signed-off-by: David Zeuthen <davidz@redhat.com> ---- - docs/polkit/polkit-1-sections.txt | 7 +- - src/polkit/polkitsubject.c | 25 +++- - src/polkit/polkitunixprocess.c | 346 +++++++++++++++++++++++++------------ - src/polkit/polkitunixprocess.h | 18 ++- - 4 files changed, 278 insertions(+), 118 deletions(-) - -diff --git a/docs/polkit/polkit-1-sections.txt b/docs/polkit/polkit-1-sections.txt -index 12141e3..9f4fcf8 100644 ---- a/docs/polkit/polkit-1-sections.txt -+++ b/docs/polkit/polkit-1-sections.txt -@@ -145,10 +145,13 @@ POLKIT_UNIX_SESSION_GET_CLASS - PolkitUnixProcess - polkit_unix_process_new - polkit_unix_process_new_full -+polkit_unix_process_new_for_owner -+polkit_unix_process_set_pid - polkit_unix_process_get_pid -+polkit_unix_process_set_start_time - polkit_unix_process_get_start_time --polkit_unix_process_set_pid --polkit_unix_process_get_owner -+polkit_unix_process_set_uid -+polkit_unix_process_get_uid - <SUBSECTION Standard> - PolkitUnixProcessClass - POLKIT_UNIX_PROCESS -diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c -index 577afec..d2c4c20 100644 ---- a/src/polkit/polkitsubject.c -+++ b/src/polkit/polkitsubject.c -@@ -238,13 +238,18 @@ polkit_subject_from_string (const gchar *str, - { - gint scanned_pid; - guint64 scanned_starttime; -- if (sscanf (str, "unix-process:%d:%" G_GUINT64_FORMAT, &scanned_pid, &scanned_starttime) == 2) -+ gint scanned_uid; -+ if (sscanf (str, "unix-process:%d:%" G_GUINT64_FORMAT ":%d", &scanned_pid, &scanned_starttime, &scanned_uid) == 3) -+ { -+ subject = polkit_unix_process_new_for_owner (scanned_pid, scanned_starttime, scanned_uid); -+ } -+ else if (sscanf (str, "unix-process:%d:%" G_GUINT64_FORMAT, &scanned_pid, &scanned_starttime) == 2) - { - subject = polkit_unix_process_new_full (scanned_pid, scanned_starttime); - } - else if (sscanf (str, "unix-process:%d", &scanned_pid) == 1) - { -- subject = polkit_unix_process_new_full (scanned_pid, 0); -+ subject = polkit_unix_process_new (scanned_pid); - if (polkit_unix_process_get_start_time (POLKIT_UNIX_PROCESS (subject)) == 0) - { - g_object_unref (subject); -@@ -297,6 +302,8 @@ polkit_subject_to_gvariant (PolkitSubject *subject) - g_variant_new_uint32 (polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (subject)))); - g_variant_builder_add (&builder, "{sv}", "start-time", - g_variant_new_uint64 (polkit_unix_process_get_start_time (POLKIT_UNIX_PROCESS (subject)))); -+ g_variant_builder_add (&builder, "{sv}", "uid", -+ g_variant_new_int32 (polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (subject)))); - } - else if (POLKIT_IS_UNIX_SESSION (subject)) - { -@@ -395,6 +402,7 @@ polkit_subject_new_for_gvariant (GVariant *variant, - GVariant *v; - guint32 pid; - guint64 start_time; -+ gint32 uid; - - v = lookup_asv (details_gvariant, "pid", G_VARIANT_TYPE_UINT32, error); - if (v == NULL) -@@ -414,7 +422,18 @@ polkit_subject_new_for_gvariant (GVariant *variant, - start_time = g_variant_get_uint64 (v); - g_variant_unref (v); - -- ret = polkit_unix_process_new_full (pid, start_time); -+ v = lookup_asv (details_gvariant, "uid", G_VARIANT_TYPE_INT32, error); -+ if (v != NULL) -+ { -+ uid = g_variant_get_int32 (v); -+ g_variant_unref (v); -+ } -+ else -+ { -+ uid = -1; -+ } -+ -+ ret = polkit_unix_process_new_for_owner (pid, start_time, uid); - } - else if (g_strcmp0 (kind, "unix-session") == 0) - { -diff --git a/src/polkit/polkitunixprocess.c b/src/polkit/polkitunixprocess.c -index 876da69..913be3a 100644 ---- a/src/polkit/polkitunixprocess.c -+++ b/src/polkit/polkitunixprocess.c -@@ -62,6 +62,7 @@ struct _PolkitUnixProcess - - gint pid; - guint64 start_time; -+ gint uid; - }; - - struct _PolkitUnixProcessClass -@@ -74,6 +75,7 @@ enum - PROP_0, - PROP_PID, - PROP_START_TIME, -+ PROP_UID - }; - - static void subject_iface_init (PolkitSubjectIface *subject_iface); -@@ -81,6 +83,9 @@ static void subject_iface_init (PolkitSubjectIface *subject_iface); - static guint64 get_start_time_for_pid (gint pid, - GError **error); - -+static gint _polkit_unix_process_get_owner (PolkitUnixProcess *process, -+ GError **error); -+ - #ifdef HAVE_FREEBSD - static gboolean get_kinfo_proc (gint pid, struct kinfo_proc *p); - #endif -@@ -92,6 +97,7 @@ G_DEFINE_TYPE_WITH_CODE (PolkitUnixProcess, polkit_unix_process, G_TYPE_OBJECT, - static void - polkit_unix_process_init (PolkitUnixProcess *unix_process) - { -+ unix_process->uid = -1; - } - - static void -@@ -108,6 +114,10 @@ polkit_unix_process_get_property (GObject *object, - g_value_set_int (value, unix_process->pid); - break; - -+ case PROP_UID: -+ g_value_set_int (value, unix_process->uid); -+ break; -+ - case PROP_START_TIME: - g_value_set_uint64 (value, unix_process->start_time); - break; -@@ -132,6 +142,14 @@ polkit_unix_process_set_property (GObject *object, - polkit_unix_process_set_pid (unix_process, g_value_get_int (value)); - break; - -+ case PROP_UID: -+ polkit_unix_process_set_uid (unix_process, g_value_get_int (value)); -+ break; -+ -+ case PROP_START_TIME: -+ polkit_unix_process_set_start_time (unix_process, g_value_get_uint64 (value)); -+ break; -+ - default: - G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); - break; -@@ -139,12 +157,39 @@ polkit_unix_process_set_property (GObject *object, - } - - static void -+polkit_unix_process_constructed (GObject *object) -+{ -+ PolkitUnixProcess *process = POLKIT_UNIX_PROCESS (object); -+ -+ /* sets start_time and uid in case they are unset */ -+ -+ if (process->start_time == 0) -+ process->start_time = get_start_time_for_pid (process->pid, NULL); -+ -+ if (process->uid == -1) -+ { -+ GError *error; -+ error = NULL; -+ process->uid = _polkit_unix_process_get_owner (process, &error); -+ if (error != NULL) -+ { -+ process->uid = -1; -+ g_error_free (error); -+ } -+ } -+ -+ if (G_OBJECT_CLASS (polkit_unix_process_parent_class)->constructed != NULL) -+ G_OBJECT_CLASS (polkit_unix_process_parent_class)->constructed (object); -+} -+ -+static void - polkit_unix_process_class_init (PolkitUnixProcessClass *klass) - { - GObjectClass *gobject_class = G_OBJECT_CLASS (klass); - - gobject_class->get_property = polkit_unix_process_get_property; - gobject_class->set_property = polkit_unix_process_set_property; -+ gobject_class->constructed = polkit_unix_process_constructed; - - /** - * PolkitUnixProcess:pid: -@@ -156,7 +201,7 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass) - g_param_spec_int ("pid", - "Process ID", - "The UNIX process ID", -- -1, -+ 0, - G_MAXINT, - 0, - G_PARAM_CONSTRUCT | -@@ -166,6 +211,27 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass) - G_PARAM_STATIC_NICK)); - - /** -+ * PolkitUnixProcess:uid: -+ * -+ * The UNIX user id of the process or -1 if unknown. -+ * -+ * Note that this is the real user-id, not the effective user-id. -+ */ -+ g_object_class_install_property (gobject_class, -+ PROP_UID, -+ g_param_spec_int ("uid", -+ "User ID", -+ "The UNIX user ID", -+ -1, -+ G_MAXINT, -+ -1, -+ G_PARAM_CONSTRUCT | -+ G_PARAM_READWRITE | -+ G_PARAM_STATIC_NAME | -+ G_PARAM_STATIC_BLURB | -+ G_PARAM_STATIC_NICK)); -+ -+ /** - * PolkitUnixProcess:start-time: - * - * The start time of the process. -@@ -178,7 +244,8 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass) - 0, - G_MAXUINT64, - 0, -- G_PARAM_READABLE | -+ G_PARAM_CONSTRUCT | -+ G_PARAM_READWRITE | - G_PARAM_STATIC_NAME | - G_PARAM_STATIC_BLURB | - G_PARAM_STATIC_NICK)); -@@ -186,113 +253,50 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass) - } - - /** -- * polkit_unix_process_get_pid: -+ * polkit_unix_process_get_uid: - * @process: A #PolkitUnixProcess. - * -- * Gets the process id for @process. -+ * Gets the user id for @process. Note that this is the real user-id, -+ * not the effective user-id. - * -- * Returns: The process id for @process. -+ * Returns: The user id for @process or -1 if unknown. - */ - gint --polkit_unix_process_get_pid (PolkitUnixProcess *process) -+polkit_unix_process_get_uid (PolkitUnixProcess *process) - { -- g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), 0); -- return process->pid; -+ g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), -1); -+ return process->uid; - } - - /** -- * polkit_unix_process_get_owner: -+ * polkit_unix_process_set_uid: - * @process: A #PolkitUnixProcess. -- * @error: (allow-none): Return location for error or %NULL. -+ * @uid: The user id to set for @process or -1 to unset it. - * -- * Gets the uid of the owner of @process. -+ * Sets the (real, not effective) user id for @process. -+ */ -+void -+polkit_unix_process_set_uid (PolkitUnixProcess *process, -+ gint uid) -+{ -+ g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process)); -+ g_return_if_fail (uid >= -1); -+ process->uid = uid; -+} -+ -+/** -+ * polkit_unix_process_get_pid: -+ * @process: A #PolkitUnixProcess. - * -- * Note that this returns the real user-id (not the effective user-id) of @process. -+ * Gets the process id for @process. - * -- * Returns: The UNIX user id of the owner for @process or 0 if @error is set. -- **/ -+ * Returns: The process id for @process. -+ */ - gint --polkit_unix_process_get_owner (PolkitUnixProcess *process, -- GError **error) -+polkit_unix_process_get_pid (PolkitUnixProcess *process) - { -- gint result; -- gchar *contents; -- gchar **lines; --#ifdef HAVE_FREEBSD -- struct kinfo_proc p; --#else -- gchar filename[64]; -- guint n; --#endif -- - g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), 0); -- g_return_val_if_fail (error == NULL || *error == NULL, 0); -- -- result = 0; -- lines = NULL; -- contents = NULL; -- --#ifdef HAVE_FREEBSD -- if (get_kinfo_proc (process->pid, &p) == 0) -- { -- g_set_error (error, -- POLKIT_ERROR, -- POLKIT_ERROR_FAILED, -- "get_kinfo_proc() failed for pid %d: %s", -- process->pid, -- g_strerror (errno)); -- goto out; -- } -- -- result = p.ki_uid; --#else -- -- /* see 'man proc' for layout of the status file -- * -- * Uid, Gid: Real, effective, saved set, and file system UIDs (GIDs). -- */ -- g_snprintf (filename, sizeof filename, "/proc/%d/status", process->pid); -- if (!g_file_get_contents (filename, -- &contents, -- NULL, -- error)) -- { -- goto out; -- } -- lines = g_strsplit (contents, "\n", -1); -- for (n = 0; lines != NULL && lines[n] != NULL; n++) -- { -- gint real_uid, effective_uid; -- if (!g_str_has_prefix (lines[n], "Uid:")) -- continue; -- if (sscanf (lines[n] + 4, "%d %d", &real_uid, &effective_uid) != 2) -- { -- g_set_error (error, -- POLKIT_ERROR, -- POLKIT_ERROR_FAILED, -- "Unexpected line `%s' in file %s", -- lines[n], -- filename); -- goto out; -- } -- else -- { -- result = real_uid; -- goto out; -- } -- } -- -- g_set_error (error, -- POLKIT_ERROR, -- POLKIT_ERROR_FAILED, -- "Didn't find any line starting with `Uid:' in file %s", -- filename); --#endif -- --out: -- g_strfreev (lines); -- g_free (contents); -- return result; -+ return process->pid; - } - - /** -@@ -311,6 +315,21 @@ polkit_unix_process_get_start_time (PolkitUnixProcess *process) - } - - /** -+ * polkit_unix_process_set_start_time: -+ * @process: A #PolkitUnixProcess. -+ * @start_time: The start time for @pid. -+ * -+ * Set the start time of @process. -+ */ -+void -+polkit_unix_process_set_start_time (PolkitUnixProcess *process, -+ guint64 start_time) -+{ -+ g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process)); -+ process->start_time = start_time; -+} -+ -+/** - * polkit_unix_process_set_pid: - * @process: A #PolkitUnixProcess. - * @pid: A process id. -@@ -323,18 +342,17 @@ polkit_unix_process_set_pid (PolkitUnixProcess *process, - { - g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process)); - process->pid = pid; -- if (pid != (gint) -1) -- process->start_time = get_start_time_for_pid (pid, NULL); - } - - /** - * polkit_unix_process_new: - * @pid: The process id. - * -- * Creates a new #PolkitUnixProcess for @pid. The start time of the -- * process will be looked up in using e.g. the -- * <filename>/proc</filename> filesystem depending on the platform in -- * use. -+ * Creates a new #PolkitUnixProcess for @pid. -+ * -+ * The uid and start time of the process will be looked up in using -+ * e.g. the <filename>/proc</filename> filesystem depending on the -+ * platform in use. - * - * Returns: (transfer full): A #PolkitSubject. Free with g_object_unref(). - */ -@@ -353,22 +371,42 @@ polkit_unix_process_new (gint pid) - * - * Creates a new #PolkitUnixProcess object for @pid and @start_time. - * -+ * The uid of the process will be looked up in using e.g. the -+ * <filename>/proc</filename> filesystem depending on the platform in -+ * use. -+ * - * Returns: (transfer full): A #PolkitSubject. Free with g_object_unref(). - */ - PolkitSubject * - polkit_unix_process_new_full (gint pid, - guint64 start_time) - { -- PolkitUnixProcess *process; -- -- process = POLKIT_UNIX_PROCESS (polkit_unix_process_new ((gint) -1)); -- process->pid = pid; -- if (start_time != 0) -- process->start_time = start_time; -- else -- process->start_time = get_start_time_for_pid (pid, NULL); -+ return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_PROCESS, -+ "pid", pid, -+ "start_time", start_time, -+ NULL)); -+} - -- return POLKIT_SUBJECT (process); -+/** -+ * polkit_unix_process_new_for_owner: -+ * @pid: The process id. -+ * @start_time: The start time for @pid or 0 to look it up in e.g. <filename>/proc</filename>. -+ * @uid: The (real, not effective) uid of the owner of @pid or -1 to look it up in e.g. <filename>/proc</filename>. -+ * -+ * Creates a new #PolkitUnixProcess object for @pid, @start_time and @uid. -+ * -+ * Returns: (transfer full): A #PolkitSubject. Free with g_object_unref(). -+ */ -+PolkitSubject * -+polkit_unix_process_new_for_owner (gint pid, -+ guint64 start_time, -+ gint uid) -+{ -+ return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_PROCESS, -+ "pid", pid, -+ "start_time", start_time, -+ "uid", uid, -+ NULL)); - } - - static guint -@@ -616,3 +654,95 @@ out: - - return start_time; - } -+ -+static gint -+_polkit_unix_process_get_owner (PolkitUnixProcess *process, -+ GError **error) -+{ -+ gint result; -+ gchar *contents; -+ gchar **lines; -+#ifdef HAVE_FREEBSD -+ struct kinfo_proc p; -+#else -+ gchar filename[64]; -+ guint n; -+#endif -+ -+ g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), 0); -+ g_return_val_if_fail (error == NULL || *error == NULL, 0); -+ -+ result = 0; -+ lines = NULL; -+ contents = NULL; -+ -+#ifdef HAVE_FREEBSD -+ if (get_kinfo_proc (process->pid, &p) == 0) -+ { -+ g_set_error (error, -+ POLKIT_ERROR, -+ POLKIT_ERROR_FAILED, -+ "get_kinfo_proc() failed for pid %d: %s", -+ process->pid, -+ g_strerror (errno)); -+ goto out; -+ } -+ -+ result = p.ki_uid; -+#else -+ -+ /* see 'man proc' for layout of the status file -+ * -+ * Uid, Gid: Real, effective, saved set, and file system UIDs (GIDs). -+ */ -+ g_snprintf (filename, sizeof filename, "/proc/%d/status", process->pid); -+ if (!g_file_get_contents (filename, -+ &contents, -+ NULL, -+ error)) -+ { -+ goto out; -+ } -+ lines = g_strsplit (contents, "\n", -1); -+ for (n = 0; lines != NULL && lines[n] != NULL; n++) -+ { -+ gint real_uid, effective_uid; -+ if (!g_str_has_prefix (lines[n], "Uid:")) -+ continue; -+ if (sscanf (lines[n] + 4, "%d %d", &real_uid, &effective_uid) != 2) -+ { -+ g_set_error (error, -+ POLKIT_ERROR, -+ POLKIT_ERROR_FAILED, -+ "Unexpected line `%s' in file %s", -+ lines[n], -+ filename); -+ goto out; -+ } -+ else -+ { -+ result = real_uid; -+ goto out; -+ } -+ } -+ -+ g_set_error (error, -+ POLKIT_ERROR, -+ POLKIT_ERROR_FAILED, -+ "Didn't find any line starting with `Uid:' in file %s", -+ filename); -+#endif -+ -+out: -+ g_strfreev (lines); -+ g_free (contents); -+ return result; -+} -+ -+/* deprecated public method */ -+gint -+polkit_unix_process_get_owner (PolkitUnixProcess *process, -+ GError **error) -+{ -+ return _polkit_unix_process_get_owner (process, error); -+} -diff --git a/src/polkit/polkitunixprocess.h b/src/polkit/polkitunixprocess.h -index b88cd03..531a57d 100644 ---- a/src/polkit/polkitunixprocess.h -+++ b/src/polkit/polkitunixprocess.h -@@ -47,16 +47,24 @@ typedef struct _PolkitUnixProcess PolkitUnixProcess; - typedef struct _PolkitUnixProcessClass PolkitUnixProcessClass; - - GType polkit_unix_process_get_type (void) G_GNUC_CONST; --PolkitSubject *polkit_unix_process_new (gint pid); --PolkitSubject *polkit_unix_process_new_full (gint pid, -- guint64 start_time); -- -+PolkitSubject *polkit_unix_process_new (gint pid); -+PolkitSubject *polkit_unix_process_new_full (gint pid, -+ guint64 start_time); -+PolkitSubject *polkit_unix_process_new_for_owner (gint pid, -+ guint64 start_time, -+ gint uid); - gint polkit_unix_process_get_pid (PolkitUnixProcess *process); - guint64 polkit_unix_process_get_start_time (PolkitUnixProcess *process); -+gint polkit_unix_process_get_uid (PolkitUnixProcess *process); - void polkit_unix_process_set_pid (PolkitUnixProcess *process, - gint pid); -+void polkit_unix_process_set_uid (PolkitUnixProcess *process, -+ gint uid); -+void polkit_unix_process_set_start_time (PolkitUnixProcess *process, -+ guint64 start_time); -+ - gint polkit_unix_process_get_owner (PolkitUnixProcess *process, -- GError **error); -+ GError **error) G_GNUC_DEPRECATED_FOR (polkit_unix_process_get_uid); - - G_END_DECLS - --- -1.7.4.4 - |