Hello community, here is the log from the commit of package krb5 checked in at Fri Aug 11 15:52:31 CEST 2006. -------- --- krb5/krb5.changes 2006-08-07 15:56:00.000000000 +0200 +++ krb5/krb5.changes 2006-08-11 14:47:07.000000000 +0200 @@ -1,0 +2,7 @@ +Fri Aug 11 14:29:27 CEST 2006 - mc@suse.de + +- krb5 setuid return check fixes + krb5-1.4.3-MITKRB5-SA-2006-001-setuid-return-checks.dif + [#182351] + +------------------------------------------------------------------- New: ---- krb5-1.4.3-MITKRB5-SA-2006-001-setuid-return-checks.dif ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ krb5-doc.spec ++++++ --- /var/tmp/diff_new_pack.v654ky/_old 2006-08-11 15:51:00.000000000 +0200 +++ /var/tmp/diff_new_pack.v654ky/_new 2006-08-11 15:51:00.000000000 +0200 @@ -13,7 +13,7 @@ Name: krb5-doc BuildRequires: ghostscript-library latex2html te_ams Version: 1.5 -Release: 4 +Release: 5 %define srcRoot krb5-1.5 Summary: MIT Kerberos5 Implementation--Documentation License: X11/MIT ++++++ krb5.spec ++++++ --- /var/tmp/diff_new_pack.v654ky/_old 2006-08-11 15:51:00.000000000 +0200 +++ /var/tmp/diff_new_pack.v654ky/_new 2006-08-11 15:51:00.000000000 +0200 @@ -12,7 +12,7 @@ Name: krb5 Version: 1.5 -Release: 4 +Release: 5 BuildRequires: libcom_err %define srcRoot krb5-1.5 %define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/ @@ -32,6 +32,7 @@ Patch2: krb5-1.4-compile_pie.dif Patch3: krb5-1.4-fix-segfault.dif Patch6: trunk-EncryptWithMasterKey.dif +Patch7: krb5-1.4.3-MITKRB5-SA-2006-001-setuid-return-checks.dif Patch12: warning-fix-util-support.dif Patch14: warning-fix-lib-crypto-des.dif Patch15: warning-fix-lib-crypto-dk.dif @@ -176,6 +177,7 @@ %patch3 %patch6 cd %{_builddir}/%{srcRoot}/src +%patch7 %patch12 %patch14 %patch15 
@@ -474,6 +476,10 @@ %{_mandir}/man1/krb5-config.1* %changelog -n krb5 +* Fri Aug 11 2006 - mc@suse.de +- krb5 setuid return check fixes + krb5-1.4.3-MITKRB5-SA-2006-001-setuid-return-checks.dif + [#182351] * Mon Aug 07 2006 - mc@suse.de - remove update-messages * Mon Jul 24 2006 - mc@suse.de ++++++ krb5-1.4.3-MITKRB5-SA-2006-001-setuid-return-checks.dif ++++++ Index: appl/gssftp/ftpd/ftpd.c =================================================================== --- appl/gssftp/ftpd/ftpd.c (revision 18149) +++ appl/gssftp/ftpd/ftpd.c (working copy) @@ -1368,7 +1368,9 @@ goto bad; sleep(tries); } - (void) krb5_seteuid((uid_t)pw->pw_uid); + if (krb5_seteuid((uid_t)pw->pw_uid)) { + fatal("seteuid user"); + } #ifdef IP_TOS #ifdef IPTOS_THROUGHPUT on = IPTOS_THROUGHPUT; @@ -1378,7 +1380,9 @@ #endif return (fdopen(s, fmode)); bad: - (void) krb5_seteuid((uid_t)pw->pw_uid); + if (krb5_seteuid((uid_t)pw->pw_uid)) { + fatal("seteuid user"); + } (void) close(s); return (NULL); } @@ -2187,7 +2191,9 @@ (void) krb5_seteuid((uid_t)pw->pw_uid); goto pasv_error; } - (void) krb5_seteuid((uid_t)pw->pw_uid); + if (krb5_seteuid((uid_t)pw->pw_uid)) { + fatal("seteuid user"); + } len = sizeof(pasv_addr); if (getsockname(pdata, (struct sockaddr *) &pasv_addr, &len) < 0) goto pasv_error; Index: appl/bsd/v4rcp.c =================================================================== --- appl/bsd/v4rcp.c (revision 18149) +++ appl/bsd/v4rcp.c (working copy) @@ -436,7 +436,10 @@ kstream_set_buffer_mode (krem, 0); #endif /* KERBEROS && !NOENCRYPTION */ (void) response(); - (void) setuid(userid); + if (setuid(userid)) { + error("rcp: can't setuid(user)\n"); + exit(1); + } source(--argc, ++argv); exit(errs); 
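Review bot: In the third ftpd.c hunk (@@ -2187,7 +2191,9 @@) the context line just above the change, `(void) krb5_seteuid((uid_t)pw->pw_uid); goto pasv_error;`, still discards the return value. If that call fails, the error path carries on with whatever effective uid was in force before it, presumably the raised one. It should get the same treatment as the success path, `if (krb5_seteuid((uid_t)pw->pw_uid)) fatal("seteuid user");`, placed before the `goto`. The enclosing function begins and ends outside the hunk, so what `pasv_error` does afterwards cannot be confirmed from here.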
@@ -452,7 +455,10 @@ krem = kstream_create_from_fd (rem, 0, 0); kstream_set_buffer_mode (krem, 0); #endif /* KERBEROS && !NOENCRYPTION */ - (void) setuid(userid); + if (setuid(userid)) { + error("rcp: can't setuid(user)\n"); + exit(1); + } sink(--argc, ++argv); exit(errs); Index: appl/bsd/krcp.c =================================================================== --- appl/bsd/krcp.c (revision 18149) +++ appl/bsd/krcp.c (working copy) @@ -620,7 +620,9 @@ euid = geteuid(); if (euid == 0) { - (void) setuid(0); + if (setuid(0)) { + perror("rcp setuid 0"); errs++; exit(errs); + } if(krb5_seteuid(userid)) { perror("rcp seteuid user"); errs++; exit(errs); } @@ -638,11 +640,17 @@ continue; rcmd_stream_init_normal(); #ifdef HAVE_SETREUID - (void) setreuid(0, userid); + if (setreuid(0, userid)) { + perror("rcp setreuid 0,user"); errs++; exit(errs); + } sink(1, argv+argc-1); - (void) setreuid(userid, 0); + if (setreuid(userid, 0)) { + perror("rcp setreuid user,0"); errs++; exit(errs); + } #else - (void) setuid(0); + if (setuid(0)) { + perror("rcp setuid 0"); errs++; exit(errs); + } if(seteuid(userid)) { perror("rcp seteuid user"); errs++; exit(errs); } Index: appl/bsd/login.c =================================================================== --- appl/bsd/login.c (revision 18149) +++ appl/bsd/login.c (working copy) @@ -1648,7 +1648,10 @@ } #endif /* HAVE_SETLUID */ #ifdef _IBMR2 - setuidx(ID_LOGIN, pwd->pw_uid); + if (setuidx(ID_LOGIN, pwd->pw_uid) < 0) { + perror("setuidx"); + sleepexit(1); + }; #endif /* This call MUST succeed */ Index: appl/bsd/krshd.c =================================================================== --- appl/bsd/krshd.c (revision 18149) +++ appl/bsd/krshd.c (working copy) 
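Review bot: The new failure branches in both krcp.c hunks pack `perror(...); errs++; exit(errs);` onto one line and exit with a running counter rather than a fixed status. This mirrors the existing `seteuid` checks visible in the context, but a failed privilege change reads more clearly as a braced block with one statement per line ending in `exit(1);`, which also stops the exit status depending on the current value of `errs`. The test form `if (setuid(0))` also differs from the `< 0` comparisons in the krshd.c and ksu hunks of the same patch; one form throughout would make the checks easier to audit.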
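Review bot: The block added in the login.c hunk closes with `};`, which leaves an empty statement after the `if` body. It is harmless as written, but it would turn into a syntax error if an `else` were ever attached, so a plain `}` is the safer form. The enclosing function starts and ends outside the hunk.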
@@ -1379,9 +1379,15 @@ * If we're on a system which keeps track of login uids, then * set the login uid. */ - setluid((uid_t) pwd->pw_uid); + if (setluid((uid_t) pwd->pw_uid) < 0) { + perror("setluid"); + _exit(1); + } #endif /* HAVE_SETLUID */ - (void) setuid((uid_t)pwd->pw_uid); + if (setuid((uid_t)pwd->pw_uid) < 0) { + perror("setuid"); + _exit(1); + } /* if TZ is set in the parent, drag it in */ { char **findtz = environ; Index: clients/ksu/main.c =================================================================== --- clients/ksu/main.c (revision 18149) +++ clients/ksu/main.c (working copy) @@ -892,9 +892,12 @@ const char * cc_name; struct stat st_temp; - krb5_seteuid(0); - krb5_seteuid(target_uid); - + if (krb5_seteuid(0) < 0 || krb5_seteuid(target_uid) < 0) { + com_err(prog_name, errno, + "while returning to source uid for destroying ccache"); + exit(1); + } + cc_name = krb5_cc_get_name(context, cc); if ( ! stat(cc_name, &st_temp)){ if ((retval = krb5_cc_destroy(context, cc))){ Index: lib/krb4/kuserok.c =================================================================== --- lib/krb4/kuserok.c (revision 18149) +++ lib/krb4/kuserok.c (working copy) @@ -159,9 +159,11 @@ */ if(getuid() == 0) { uid_t old_euid = geteuid(); - seteuid(pwd->pw_uid); + if (seteuid(pwd->pw_uid) < 0) + return NOTOK; fp = fopen(pbuf, "r"); - seteuid(old_euid); + if (seteuid(old_euid) < 0) + return NOTOK; if ((fp) == NULL) { return(NOTOK); } ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun...
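Review bot: Both new failure paths in the krshd.c hunk report only through `perror()` before `_exit(1)`. In a remote-shell daemon, standard error at this point is likely attached to the client connection rather than to a local log, although the hunk does not show this. A failed `setluid()` or `setuid()` is an event an operator would want recorded on the host, so if this file already logs through syslog, add a line such as `syslog(LOG_ERR, "setuid(%ld) failed: %m", (long)pwd->pw_uid);` ahead of each `perror()`. The enclosing function starts and ends outside the hunk.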
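Review bot: In the clients/ksu/main.c hunk the `com_err` text reads "while returning to source uid", but the calls being checked are `krb5_seteuid(0)` and `krb5_seteuid(target_uid)`, so the message names the wrong uid. Wording such as `"while switching to target uid for destroying ccache"` would match the code. The `exit(1)` also skips the `krb5_cc_destroy()` call that follows in the context, so a failure here appears to leave the credential cache in place. A comment stating that this is accepted, or a best-effort cleanup before exiting, would make the intent explicit. The function body starts and ends outside the hunk.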
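Review bot: In the lib/krb4/kuserok.c hunk, when the second check `if (seteuid(old_euid) < 0) return NOTOK;` fires after a successful `fopen()`, the stream `fp` is leaked. The function then also returns with the effective uid still set to `pwd->pw_uid`. Closing the file first removes the leak: `if (seteuid(old_euid) < 0) { if (fp) fclose(fp); return NOTOK; }`. Because this is library code, the caller sees only `NOTOK` and cannot tell that its effective uid was left changed, so that path deserves at least a comment saying so. The enclosing function begins and ends outside the hunk.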