Hello community,
here is the log from the commit of package openvas-manager for openSUSE:Factory
checked in at Mon May 2 14:20:53 CEST 2011.
--------
--- openvas-manager/openvas-manager.changes 2011-03-03 01:57:28.000000000 +0100
+++ /mounts/work_src_done/STABLE/openvas-manager/openvas-manager.changes 2011-04-22 13:26:13.000000000 +0200
@@ -1,0 +2,9 @@
+Fri Apr 22 10:12:32 UTC 2011 - bitshuffler@opensuse.org
+
+- Updated to 2.0.3
+ * Enforces strict permissions on sensitive OpenVAS Manager files.
+ * Drop privileges before executing report format plugins if running with
+ elevated privileges.
+ * Ensures report formats are trusted before executing them.
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
openvas-manager-2.0.2.tar.gz
New:
----
debian.series
openvas-manager-2.0.3-install.patch
openvas-manager-2.0.3.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ openvas-manager.spec ++++++
--- /var/tmp/diff_new_pack.kzOMe9/_old 2011-05-02 14:18:36.000000000 +0200
+++ /var/tmp/diff_new_pack.kzOMe9/_new 2011-05-02 14:18:36.000000000 +0200
@@ -19,9 +19,9 @@
Name: openvas-manager
-Version: 2.0.2
+Version: 2.0.3
Release: 1
-License: GNU GPL v2 or later
+License: GPLv2+
Group: Productivity/Networking/Security
Url: http://www.openvas.org
Source0: %{name}-%{version}.tar.gz
@@ -30,6 +30,7 @@
Source3: openvasmd.init.suse
Source4: openvasmd.init.fedora
Source5: openvasmd.init.mandriva
+Patch0: openvas-manager-2.0.3-install.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if 0%{?fedora_version} || 0%{?scientificlinux_version}
@@ -64,6 +65,7 @@
%prep
%setup -q
+%patch0
%build
%if 0%{?mandriva_version}
@@ -163,7 +165,6 @@
%doc CHANGES README
%config(noreplace) %{_sysconfdir}/logrotate.d/openvas-manager
%dir %{_sysconfdir}/openvas
-#config(noreplace) %{_sysconfdir}/openvas/openvasmd
%config(noreplace) %{_sysconfdir}/openvas/openvasmd_log.conf
%{_initrddir}/openvas-manager
%{_sbindir}/openvasmd
@@ -171,6 +172,7 @@
%{_datadir}/openvas/openvasmd
%dir %{_localstatedir}/lib/openvas
%{_localstatedir}/lib/openvas/mgr
+%{_localstatedir}/lib/openvas/openvasmd
%dir %{_localstatedir}/log/openvas
%ghost %{_localstatedir}/log/openvas/openvasmd.log
++++++ debian.changelog ++++++
--- /var/tmp/diff_new_pack.kzOMe9/_old 2011-05-02 14:18:36.000000000 +0200
+++ /var/tmp/diff_new_pack.kzOMe9/_new 2011-05-02 14:18:36.000000000 +0200
@@ -1,3 +1,13 @@
+openvas-manager (2.0.3-1) UNRELEASED; urgency=low
+
+ * New upstream release.
+ - Enforces strict permissions on sensitive OpenVAS Manager files.
+ - Drop privileges before executing report format plugins if running with
+ elevated privileges.
+ - Ensures report formats are trusted before executing them.
+
+ -- Stephan Kleine Fri, 22 Apr 2011 12:13:53 +0200
+
openvas-manager (2.0.2-1) UNRELEASED; urgency=low
* New upstream release.
++++++ debian.openvas-manager.dirs ++++++
--- /var/tmp/diff_new_pack.kzOMe9/_old 2011-05-02 14:18:36.000000000 +0200
+++ /var/tmp/diff_new_pack.kzOMe9/_new 2011-05-02 14:18:36.000000000 +0200
@@ -1 +1,3 @@
+var/lib/openvas/mgr
+var/lib/openvas/openvasmd/report_formats
var/log/openvas
++++++ debian.series ++++++
openvas-manager-2.0.3-install.patch -p0
++++++ openvas-manager-2.0.3-install.patch ++++++
Index: CMakeLists.txt
===================================================================
--- CMakeLists.txt.orig 2011-04-15 15:30:03.000000000 +0200
+++ CMakeLists.txt 2011-04-22 12:29:06.124935838 +0200
@@ -257,7 +257,7 @@ enable_testing ()
## Install
-install (CODE "file (MAKE_DIRECTORY ${OPENVAS_STATE_DIR}/openvasmd/report_formats/)")
+install (CODE "FILE(MAKE_DIRECTORY \$ENV{DESTDIR}${OPENVAS_STATE_DIR}/openvasmd/report_formats)")
install (FILES ${CMAKE_BINARY_DIR}/src/openvasmd_log.conf
DESTINATION ${OPENVAS_SYSCONF_DIR})
++++++ openvas-manager-2.0.2.tar.gz -> openvas-manager-2.0.3.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.2/CHANGES new/openvas-manager-2.0.3/CHANGES
--- old/openvas-manager-2.0.2/CHANGES 2011-03-02 15:21:27.000000000 +0100
+++ new/openvas-manager-2.0.3/CHANGES 2011-04-15 15:30:03.000000000 +0200
@@ -1,3 +1,34 @@
+openvas-manager 2.0.3 (2011-04-15)
+
+This is the third maintenance release of the openvas-manager 2.0 module for the
+Open Vulnerability Assessment System release 4 (OpenVAS-4). The OpenVAS Manager
+is the central management service between the actual security scanner and
+various user clients.
+
+This release fixes a severe security issue discovered after the release of
+openvas-manager 2.0.2. By crafting a special report format plugin, and knowing
+about the operating system on which OpenVAS Manager is running, a rogue user
+was able to upload the plugin and execute arbitrary code with the privileges of
+the user running the OpenVAS Manager.
+
+This release enforces strict permissions on sensitive OpenVAS Manager files and
+will drop privileges when executing report format plugins if it is running with
+potentially dangerous privileges. Furthermore, it forces report formats to be
+trusted before executing them.
+
+We strongly recommended upgrading existing installations of OpenVAS-4 to
+openvas-manager 2.0.3.
+
+Many thanks to everyone who has contributed to this release:
+Henri Doreau, Matthew Mundell, Michael Wiegand and Jan-Oliver Wagner.
+
+Main changes since 2.0.2:
+* Enforces strict permissions on sensitive OpenVAS Manager files.
+* Drop privileges before executing report format plugins if running with
+ elevated privileges.
+* Ensures report formats are trusted before executing them.
+
+
openvas-manager 2.0.2 (2011-03-02)
This is the second maintenance release of the openvas-manager 2.0 module for the
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.2/CMakeLists.txt new/openvas-manager-2.0.3/CMakeLists.txt
--- old/openvas-manager-2.0.2/CMakeLists.txt 2011-03-02 15:21:27.000000000 +0100
+++ new/openvas-manager-2.0.3/CMakeLists.txt 2011-04-15 15:30:03.000000000 +0200
@@ -78,7 +78,7 @@
set (CPACK_TOPLEVEL_TAG "")
set (CPACK_PACKAGE_VERSION_MAJOR "2")
set (CPACK_PACKAGE_VERSION_MINOR "0")
-set (CPACK_PACKAGE_VERSION_PATCH "2${SVN_REVISION}")
+set (CPACK_PACKAGE_VERSION_PATCH "3${SVN_REVISION}")
set (CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}")
set (CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}")
set (CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}")
@@ -257,62 +257,64 @@
## Install
+install (CODE "file (MAKE_DIRECTORY ${OPENVAS_STATE_DIR}/openvasmd/report_formats/)")
+
install (FILES ${CMAKE_BINARY_DIR}/src/openvasmd_log.conf
DESTINATION ${OPENVAS_SYSCONF_DIR})
install (FILES src/report_formats/CPE/generate
src/report_formats/CPE/CPE.xsl
DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_report_formats/a0704abb-2120-489f-959f-251c9f4ffebd/
- PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ)
+ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
install (FILES src/report_formats/HTML/generate
src/report_formats/HTML/HTML.xsl
DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_report_formats/b993b6f5-f9fb-4e6e-9c94-dd46c00e058d/
- PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ)
+ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
install (FILES src/report_formats/ITG/generate
src/report_formats/ITG/ITG.xsl
DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_report_formats/929884c6-c2c4-41e7-befb-2f6aa163b458/
- PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ)
+ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
install (FILES src/report_formats/LaTeX/generate
src/report_formats/LaTeX/latex.xsl
DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_report_formats/9f1ab17b-aaaa-411a-8c57-12df446f5588/
- PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ)
+ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
install (FILES src/report_formats/NBE/generate
src/report_formats/NBE/NBE.xsl
DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_report_formats/f5c2a364-47d2-4700-b21d-0a7693daddab/
- PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ)
+ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
install (FILES src/report_formats/PDF/generate
src/report_formats/LaTeX/latex.xsl
DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_report_formats/1a60a67e-97d0-4cbf-bc77-f71b08e7043d/
- PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ)
+ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
install (FILES src/report_formats/TXT/generate src/report_formats/TXT/TXT.xsl
DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_report_formats/19f6f1b3-7128-4433-888c-ccc764fe6ed5/
- PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ)
+ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
install (FILES src/report_formats/XML/generate
DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_report_formats/d5da9f67-8551-4e51-807b-b6a873d70e34/
- PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ)
+ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
install (FILES src/schema_formats/HTML/generate
src/schema_formats/RNC/rnc.xsl
src/schema_formats/HTML/HTML.xsl
DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_schema_formats/02052818-dab6-11df-9be4-002264764cea/
- PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ)
+ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
install (FILES src/schema_formats/RNC/generate
src/schema_formats/RNC/rnc.xsl
src/schema_formats/RNC/RNC.xsl
DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_schema_formats/787a4a18-dabc-11df-9486-002264764cea/
- PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ)
+ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
install (FILES src/schema_formats/XML/generate
src/schema_formats/XML/OMP.xml
DESTINATION ${OPENVAS_DATA_DIR}/openvasmd/global_schema_formats/18e826fc-dab6-11df-b913-002264764cea/
- PERMISSIONS OWNER_WRITE OWNER_READ GROUP_WRITE GROUP_READ)
+ PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
## End
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.2/ChangeLog new/openvas-manager-2.0.3/ChangeLog
--- old/openvas-manager-2.0.2/ChangeLog 2011-03-02 15:21:27.000000000 +0100
+++ new/openvas-manager-2.0.3/ChangeLog 2011-04-15 15:30:03.000000000 +0200
@@ -1,3 +1,101 @@
+2011-04-15 Michael Wiegand
+
+ Preparing the openvas-manager 2.0.3 release.
+
+ * CHANGES: Updated.
+
+2011-04-15 Michael Wiegand
+
+ * src/manage_sql.c (delete_report_format): Free allocated char on
+ failure.
+
+2011-04-15 Michael Wiegand
+
+ Make predefined report formats always available. Adapted from trunk
+ from code committed by Matthew Mundell in r10777.
+
+ * src/omp.c (omp_xml_handle_end_element): In OMP GET_REPORT_FORMATS
+ allow predefined formats always.
+
+ * src/manage_sql.c (manage_report, manage_send_report): Allow predefined
+ formats always.
+
+2011-04-15 Michael Wiegand
+
+ Refuse to delete predefined report formats. Adapted from trunk from
+ code committed by Matthew Mundell in r10776.
+
+ * src/manage_sql.c (delete_report_format): Fail if format is predefined.
+ (report_format_predefined): New function.
+
+ * src/manage.h: Add header accordingly.
+
+ * src/omp.c (omp_xml_handle_end_element): In CLIENT_GET_REPORTS remove
+ erroneous case and add predefined case.
+
+2011-04-15 Michael Wiegand
+
+ Require that format trust is "yes". Backport from trunk; initially
+ committed by Matthew Mundell in r10774.
+
+ * src/manage_sql.c (manage_report, manage_send_report): Accept only
+ trusted report formats.
+ (report_format_trust): New function.
+
+ * src/manage.h: Add header accordingly.
+
+ * src/omp.c (omp_xml_handle_end_element): In CLIENT_GET_REPORTS check
+ report format trust.
+
+2011-04-15 Michael Wiegand
+
+ Drop privileges in report creation when running as root. Backport from
+ trunk; initially committed by Matthew Mundell in r10772.
+
+ * CMakeLists.txt: Create the user report_formats directory, so that it's
+ world readable, for nobody. Make the predefined report formats world
+ readable, for nobody.
+
+ * src/manage_sql.c (manage_report, manage_send_report): Drop to nobody
+ within the spawned command when running as root. This prevents the report
+ formats from having root access.
+ (create_report_format): Ensure that nobody can access the installed report
+ formats.
+
+2011-04-14 Michael Wiegand
+
+ * src/manage_sql.c (init_manage_process): Reduce permissions if they are
+ too loose. Backport from trunk; initially committed by Matthew Mundell
+ in r10762 and r10763.
+
+2011-04-14 Michael Wiegand
+
+ * src/openvasmd.c (main): Set very restrictive umask. Backport from
+ trunk; initially committed by Matthew Mundell in r10758.
+
+2011-03-31 Matthew Mundell
+
+ * src/manage_sql.c (find_report_format): Add a user check to the
+ constraint XML because multiple users can import the same report format.
+ Backport from trunk; initially committed in r10632.
+
+2011-03-31 Matthew Mundell
+
+ * src/manage_sql.c (migrate_37_to_38): Use "mv" to do the move, because
+ "rename" requires the dirs to be on the same file system. Backport from
+ trunk; initially committed in r10663.
+
+2011-03-08 Matthew Mundell
+
+ * src/manage_sql.c (delete_lsc_credential)
+ (init_lsc_credential_iterator): Check both credentials in targets.
+
+2011-03-02 Michael Wiegand
+
+ Post release version bump.
+
+ * CMakeLists.txt: Updated version number.
+
2011-03-02 Michael Wiegand
Preparing the openvas-manager 2.0.2 release.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.2/src/manage.h new/openvas-manager-2.0.3/src/manage.h
--- old/openvas-manager-2.0.2/src/manage.h 2011-03-02 15:21:27.000000000 +0100
+++ new/openvas-manager-2.0.3/src/manage.h 2011-04-15 15:30:03.000000000 +0200
@@ -1553,6 +1553,9 @@
report_format_global (report_format_t);
int
+report_format_predefined (report_format_t);
+
+int
report_format_active (report_format_t);
void
@@ -1641,6 +1644,9 @@
report_format_param_type_t
report_format_param_type_from_name (const char *);
+int
+report_format_trust (report_format_t);
+
void
init_report_format_param_iterator (iterator_t*, report_format_t, int,
const char*);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.2/src/manage_sql.c new/openvas-manager-2.0.3/src/manage_sql.c
--- old/openvas-manager-2.0.2/src/manage_sql.c 2011-03-02 15:21:27.000000000 +0100
+++ new/openvas-manager-2.0.3/src/manage_sql.c 2011-04-15 15:30:00.000000000 +0200
@@ -40,6 +40,7 @@
#include
#include
#include
+#include
#include
#include
#include
@@ -4194,7 +4195,6 @@
new_dir = g_build_filename (OPENVAS_STATE_DIR,
"openvasmd",
- "report_formats",
NULL);
if (g_mkdir_with_parents (new_dir, 0755 /* "rwxr-xr-x" */))
@@ -4213,17 +4213,51 @@
/* Ensure the old dir exists. */
g_mkdir_with_parents (old_dir, 0755 /* "rwxr-xr-x" */);
- if (rename (old_dir, new_dir))
- {
- g_warning ("%s: renaming %s to %s failed: %s\n",
- __FUNCTION__,
- old_dir,
- new_dir,
- strerror (errno));
- g_free (old_dir);
- g_free (new_dir);
- sql ("ROLLBACK;");
- }
+ {
+ gchar **cmd;
+ gchar *standard_out = NULL;
+ gchar *standard_err = NULL;
+ gint exit_status;
+
+ cmd = (gchar **) g_malloc (4 * sizeof (gchar *));
+ cmd[0] = g_strdup ("mv");
+ cmd[1] = old_dir;
+ cmd[2] = new_dir;
+ cmd[3] = NULL;
+ g_debug ("%s: Spawning in .: %s %s %s\n",
+ __FUNCTION__, cmd[0], cmd[1], cmd[2]);
+ if ((g_spawn_sync (".",
+ cmd,
+ NULL, /* Environment. */
+ G_SPAWN_SEARCH_PATH,
+ NULL, /* Setup function. */
+ NULL,
+ &standard_out,
+ &standard_err,
+ &exit_status,
+ NULL)
+ == FALSE)
+ || (WIFEXITED (exit_status) == 0)
+ || WEXITSTATUS (exit_status))
+ {
+ g_warning ("%s: failed rename: %d (WIF %i, WEX %i)",
+ __FUNCTION__,
+ exit_status,
+ WIFEXITED (exit_status),
+ WEXITSTATUS (exit_status));
+ g_debug ("%s: stdout: %s\n", __FUNCTION__, standard_out);
+ g_debug ("%s: stderr: %s\n", __FUNCTION__, standard_err);
+ g_free (old_dir);
+ g_free (new_dir);
+ g_free (cmd[0]);
+ g_free (cmd);
+ sql ("ROLLBACK;");
+ return -1;
+ }
+
+ g_free (cmd[0]);
+ g_free (cmd);
+ }
g_free (old_dir);
g_free (new_dir);
@@ -6234,6 +6268,24 @@
abort ();
}
+ {
+ struct stat state;
+ stat (database ? database : OPENVAS_STATE_DIR "/mgr/tasks.db", &state);
+ if (state.st_mode & (S_IXUSR | S_IRWXG | S_IRWXO))
+ {
+ g_warning ("%s: database permissions are too loose, repairing\n",
+ __FUNCTION__);
+ if (chmod (database ? database : OPENVAS_STATE_DIR "/mgr/tasks.db",
+ S_IRUSR | S_IWUSR))
+ {
+ g_warning ("%s: chmod failed: %s\n",
+ __FUNCTION__,
+ strerror (errno));
+ abort ();
+ }
+ }
+ }
+
#ifndef S_SPLINT_S
/* Open the database. */
if (sqlite3_open (database ? database
@@ -11979,6 +12031,10 @@
/* Print the report as XML to a file. */
+ if ((report_format_predefined (report_format) == 0)
+ && (report_format_trust (report_format) != TRUST_YES))
+ return NULL;
+
if (report_task (report, &task))
return NULL;
@@ -12101,11 +12157,41 @@
/* Call the script. */
- command = g_strdup_printf ("/bin/sh %s %s > %s"
- " 2> /dev/null",
- script,
- xml_file,
- output_file);
+ if (getuid () == 0)
+ {
+ struct passwd *nobody;
+
+ nobody = getpwnam ("nobody");
+ if ((nobody == NULL)
+ || chown (xml_dir, nobody->pw_uid, nobody->pw_gid)
+ || chown (xml_file, nobody->pw_uid, nobody->pw_gid))
+ {
+ g_warning ("%s: Failed to set dir permissions: %s\n",
+ __FUNCTION__,
+ strerror (errno));
+ g_free (previous_dir);
+ g_free (script);
+ g_free (xml_file);
+ if (extension) g_free (*extension);
+ if (content_type) g_free (*content_type);
+ return NULL;
+ }
+
+ command = g_strdup_printf ("/bin/sh -c \"su nobody"
+ " -c \\\"/bin/sh %s %s > %s"
+ " 2> /dev/null\\\""
+ " > /dev/null 2>&1\""
+ " > /dev/null 2>&1",
+ script,
+ xml_file,
+ output_file);
+ }
+ else
+ command = g_strdup_printf ("/bin/sh %s %s > %s"
+ " 2> /dev/null",
+ script,
+ xml_file,
+ output_file);
g_free (script);
g_debug (" command: %s\n", command);
@@ -12245,6 +12331,10 @@
/* Print the report as XML to a file. */
+ if ((report_format_predefined (report_format) == 0)
+ && (report_format_trust (report_format) != TRUST_YES))
+ return -1;
+
if (report_task (report, &task))
return -1;
@@ -12353,11 +12443,39 @@
/* Call the script. */
- command = g_strdup_printf ("/bin/sh %s %s > %s"
- " 2> /dev/null",
- script,
- xml_file,
- output_file);
+ if (getuid () == 0)
+ {
+ struct passwd *nobody;
+
+ nobody = getpwnam ("nobody");
+ if ((nobody == NULL)
+ || chown (xml_dir, nobody->pw_uid, nobody->pw_gid)
+ || chown (xml_file, nobody->pw_uid, nobody->pw_gid))
+ {
+ g_warning ("%s: Failed to set dir permissions: %s\n",
+ __FUNCTION__,
+ strerror (errno));
+ g_free (previous_dir);
+ g_free (script);
+ g_free (xml_file);
+ return -1;
+ }
+
+ command = g_strdup_printf ("/bin/sh -c \"su nobody"
+ " -c \\\"/bin/sh %s %s > %s"
+ " 2> /dev/null\\\""
+ " > /dev/null 2>&1\""
+ " > /dev/null 2>&1",
+ script,
+ xml_file,
+ output_file);
+ }
+ else
+ command = g_strdup_printf ("/bin/sh %s %s > %s"
+ " 2> /dev/null",
+ script,
+ xml_file,
+ output_file);
g_free (script);
g_free (xml_file);
@@ -18493,7 +18611,9 @@
sql ("BEGIN IMMEDIATE;");
if (sql_int (0, 0,
- "SELECT count(*) FROM targets WHERE lsc_credential = %llu;",
+ "SELECT count(*) FROM targets"
+ " WHERE lsc_credential = %llu OR smb_lsc_credential = %llu;",
+ lsc_credential,
lsc_credential))
{
sql ("ROLLBACK;");
@@ -18608,6 +18728,8 @@
" public_key, private_key, rpm, deb, exe,"
" (SELECT count(*) > 0 FROM targets"
" WHERE lsc_credential = lsc_credentials.ROWID)"
+ " + (SELECT count(*) > 0 FROM targets"
+ " WHERE smb_lsc_credential = lsc_credentials.ROWID)"
" FROM lsc_credentials"
" WHERE ROWID = %llu"
" AND ((owner IS NULL) OR (owner ="
@@ -18623,6 +18745,8 @@
" public_key, private_key, rpm, deb, exe,"
" (SELECT count(*) > 0 FROM targets"
" WHERE lsc_credential = lsc_credentials.ROWID)"
+ " + (SELECT count(*) > 0 FROM targets"
+ " WHERE smb_lsc_credential = lsc_credentials.ROWID)"
" FROM lsc_credentials"
" WHERE ((owner IS NULL) OR (owner ="
" (SELECT ROWID FROM users WHERE users.uuid = '%s')))"
@@ -21541,9 +21665,14 @@
*report_format = 0;
return FALSE;
}
+ assert (current_credentials.uuid);
switch (sql_int64 (report_format, 0, 0,
- "SELECT ROWID FROM report_formats WHERE uuid = '%s';",
- quoted_uuid))
+ "SELECT ROWID FROM report_formats WHERE uuid = '%s'"
+ " AND ((owner IS NULL) OR (owner ="
+ " (SELECT users.ROWID FROM users"
+ " WHERE users.uuid = '%s')));",
+ quoted_uuid,
+ current_credentials.uuid))
{
case 0:
break;
@@ -21809,6 +21938,45 @@
return -1;
}
+ if (global == 0)
+ {
+ gchar *report_dir;
+
+ /* glib seems to apply the mode to the first dir only. */
+
+ report_dir = g_build_filename (OPENVAS_STATE_DIR,
+ "openvasmd",
+ "report_formats",
+ current_credentials.uuid,
+ NULL);
+
+ if (chmod (report_dir, 0755 /* rwxr-xr-x */))
+ {
+ g_warning ("%s: chmod failed: %s\n",
+ __FUNCTION__,
+ strerror (errno));
+ g_free (dir);
+ g_free (report_dir);
+ g_free (quoted_name);
+ sql ("ROLLBACK;");
+ return -1;
+ }
+
+ g_free (report_dir);
+ }
+
+ /* glib seems to apply the mode to the first dir only. */
+ if (chmod (dir, 0755 /* rwxr-xr-x */))
+ {
+ g_warning ("%s: chmod failed: %s\n",
+ __FUNCTION__,
+ strerror (errno));
+ g_free (dir);
+ g_free (quoted_name);
+ sql ("ROLLBACK;");
+ return -1;
+ }
+
index = 0;
while ((file_name = (gchar*) g_ptr_array_index (files, index++)))
{
@@ -21839,17 +22007,32 @@
error = NULL;
g_file_set_contents (full_file_name, contents, contents_size, &error);
g_free (contents);
- g_free (full_file_name);
if (error)
{
g_warning ("%s: %s", __FUNCTION__, error->message);
g_error_free (error);
file_utils_rmdir_rf (dir);
+ g_free (full_file_name);
g_free (dir);
g_free (quoted_name);
sql ("ROLLBACK;");
return -1;
}
+
+ if (chmod (full_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH))
+ {
+ g_warning ("%s: chmod failed: %s\n",
+ __FUNCTION__,
+ strerror (errno));
+ file_utils_rmdir_rf (dir);
+ g_free (full_file_name);
+ g_free (dir);
+ g_free (quoted_name);
+ sql ("ROLLBACK;");
+ return -1;
+ }
+
+ g_free (full_file_name);
}
/* Add format to database. */
@@ -22065,7 +22248,7 @@
*
* @param[in] report_format Report format.
*
- * @return 0 success, -1 error.
+ * @return 0 success, 3 predefined report format, -1 error.
*/
int
delete_report_format (report_format_t report_format)
@@ -22082,6 +22265,13 @@
return -1;
}
+ if (report_format_predefined (report_format))
+ {
+ sql ("ROLLBACK;");
+ free (uuid);
+ return 3;
+ }
+
if (report_format_global (report_format))
dir = g_build_filename (OPENVAS_DATA_DIR,
"openvasmd",
@@ -22391,6 +22581,30 @@
}
/**
+ * @brief Return whether a report format is predefined.
+ *
+ * @param[in] report_format Report format.
+ *
+ * @return 1 if predefined, else 0.
+ */
+int
+report_format_predefined (report_format_t report_format)
+{
+ return sql_int (0, 0,
+ "SELECT uuid = 'a0704abb-2120-489f-959f-251c9f4ffebd'"
+ " OR uuid = 'b993b6f5-f9fb-4e6e-9c94-dd46c00e058d'"
+ " OR uuid = '929884c6-c2c4-41e7-befb-2f6aa163b458'"
+ " OR uuid = '9f1ab17b-aaaa-411a-8c57-12df446f5588'"
+ " OR uuid = 'f5c2a364-47d2-4700-b21d-0a7693daddab'"
+ " OR uuid = '1a60a67e-97d0-4cbf-bc77-f71b08e7043d'"
+ " OR uuid = '19f6f1b3-7128-4433-888c-ccc764fe6ed5'"
+ " OR uuid = 'd5da9f67-8551-4e51-807b-b6a873d70e34'"
+ " FROM report_formats"
+ " WHERE ROWID = %llu;",
+ report_format);
+}
+
+/**
* @brief Return whether a report format is active.
*
* @param[in] report_format Report format.
@@ -22659,6 +22873,21 @@
}
/**
+ * @brief Return the trust of a report format.
+ *
+ * @param[in] report_format Report format.
+ *
+ * @return Trust: 1 yes, 2 no, 2 unknown.
+ */
+int
+report_format_trust (report_format_t report_format)
+{
+ return sql_int (0, 0,
+ "SELECT trust FROM report_formats WHERE ROWID = %llu;",
+ report_format);
+}
+
+/**
* @brief Initialise a report format iterator.
*
* @param[in] iterator Iterator.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-manager-2.0.2/src/omp.c new/openvas-manager-2.0.3/src/omp.c
--- old/openvas-manager-2.0.2/src/omp.c 2011-03-02 15:21:27.000000000 +0100
+++ new/openvas-manager-2.0.3/src/omp.c 2011-04-15 15:30:03.000000000 +0200
@@ -8461,10 +8461,10 @@
case 0:
SEND_TO_CLIENT_OR_FAIL (XML_OK ("delete_report_format"));
break;
- case 1:
+ case 3:
SEND_TO_CLIENT_OR_FAIL
(XML_ERROR_SYNTAX ("delete_report_format",
- "Attempt to delete a hidden report"
+ "Attempt to delete a predefined report"
" format"));
break;
default:
@@ -8631,6 +8631,18 @@
set_client_state (CLIENT_AUTHENTIC);
break;
}
+
+ if ((report_format_predefined (report_format) == 0)
+ && (report_format_trust (report_format) > 1))
+ {
+ get_reports_data_reset (get_reports_data);
+ SEND_TO_CLIENT_OR_FAIL
+ (XML_ERROR_SYNTAX ("get_reports",
+ "GET_REPORTS report format must be predefined"
+ " or trusted"));
+ set_client_state (CLIENT_AUTHENTIC);
+ break;
+ }
SEND_TO_CLIENT_OR_FAIL
("
Homepage: http://www.openvas.org/
Standards-Version: 3.8.0
Build-Depends: debhelper (>= 5), cmake, doxygen, dpatch, hardening-wrapper, libopenvas4-dev, libsqlite3-dev, pkg-config
Files:
- 776ce4e1000137c9aec7863372c8c876 373800 openvas-manager-2.0.2.orig.tar.gz
- 131e6720b0526ade9405eade0d9150ac 56625 openvas-manager-2.0.2.diff.gz
+ 776ce4e1000137c9aec7863372c8c876 373800 openvas-manager-2.0.3.orig.tar.gz
+ 131e6720b0526ade9405eade0d9150ac 56625 openvas-manager-2.0.3.diff.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org