[opensuse] strange chkstat output...
Hi,

sometimes when I use chkstat --system to correct permissions on my system I get this output:

kumiko:~ # chkstat --system
bad permissions line NNTPSERVER=news:2
[normal chkstat output deleted]

To me that looks like a buffer overflow that makes chkstat treat the shell environment as input. Any ideas how to fix / where to report?

Cheers
MH

On Tue, Jul 04, 2017 at 10:58:38AM +0200, Mathias Homann wrote:
> Hi,
> sometimes when I use chkstat --system to correct permissions on my system I get this output:
> kumiko:~ # chkstat --system
> bad permissions line NNTPSERVER=news:2
> [normal chkstat output deleted]
> To me that looks like a buffer overflow that makes chkstat treat the shell environment as input. Any ideas how to fix / where to report?

One of the /etc/permissions files was modified incorrectly.

grep NNTPSERVER /etc/permissions*

Ciao, Marcus

On 04.07.2017 11:01, Marcus Meissner wrote:
> On Tue, Jul 04, 2017 at 10:58:38AM +0200, Mathias Homann wrote:
>> Hi,
>> sometimes when I use chkstat --system to correct permissions on my system I get this output:
>> kumiko:~ # chkstat --system
>> bad permissions line NNTPSERVER=news:2
>> [normal chkstat output deleted]
>> To me that looks like a buffer overflow that makes chkstat treat the shell environment as input. Any ideas how to fix / where to report?
> One of the /etc/permissions files was modified incorrectly.
> grep NNTPSERVER /etc/permissions*

that was my first thought too, but that grep comes up empty. Also, it is not always the same variable. If I add more permissions files to /etc/permissions.d it changes.

cheers
MH

On Tue, Jul 04, 2017 at 11:51:23AM +0200, Mathias Homann wrote:
> On 04.07.2017 11:01, Marcus Meissner wrote:
>> On Tue, Jul 04, 2017 at 10:58:38AM +0200, Mathias Homann wrote:
>>> Hi,
>>> sometimes when I use chkstat --system to correct permissions on my system I get this output:
>>> kumiko:~ # chkstat --system
>>> bad permissions line NNTPSERVER=news:2
>>> [normal chkstat output deleted]
>>> To me that looks like a buffer overflow that makes chkstat treat the shell environment as input. Any ideas how to fix / where to report?
>> One of the /etc/permissions files was modified incorrectly.
>> grep NNTPSERVER /etc/permissions*
> that was my first thought too, but that grep comes up empty. Also, it is not always the same variable. If I add more permissions files to /etc/permissions.d it changes.

Then it will likely be in /etc/sysconfig/security ...

Ciao, Marcus

On 04.07.2017 12:46, Marcus Meissner wrote:
> On Tue, Jul 04, 2017 at 11:51:23AM +0200, Mathias Homann wrote:
>> On 04.07.2017 11:01, Marcus Meissner wrote:
>>> On Tue, Jul 04, 2017 at 10:58:38AM +0200, Mathias Homann wrote:
>>>> Hi,
>>>> sometimes when I use chkstat --system to correct permissions on my system I get this output:
>>>> kumiko:~ # chkstat --system
>>>> bad permissions line NNTPSERVER=news:2
>>>> [normal chkstat output deleted]
>>>> To me that looks like a buffer overflow that makes chkstat treat the shell environment as input. Any ideas how to fix / where to report?
>>> One of the /etc/permissions files was modified incorrectly.
>>> grep NNTPSERVER /etc/permissions*
>> that was my first thought too, but that grep comes up empty. Also, it is not always the same variable. If I add more permissions files to /etc/permissions.d it changes.

found it. it WAS in fact something in one permissions file... but I would still consider it a serious bug if a piece of software starts parsing the shell environment as file when a configuration file has a LF character at the end.

where do I file that?

cheers
MH

On 07/04/2017 12:57 PM, Mathias Homann wrote:
> found it. it WAS in fact something in one permissions file... but I would still consider it a serious bug if a piece of software starts parsing the shell environment as file when a configuration file has a LF character at the end.

probably it didn't parse the file ... but somehow dereferenced memory to an entry in char**environ?

> where do I file that?

$ rpm -qf `which chkstat`
permissions-20170602-1.1.x86_64

Have a nice day,
Berny

On Tue, Jul 04, 2017 at 01:14:27PM +0200, Bernhard Voelker wrote:
> On 07/04/2017 12:57 PM, Mathias Homann wrote:
>> found it. it WAS in fact something in one permissions file... but I would still consider it a serious bug if a piece of software starts parsing the shell environment as file when a configuration file has a LF character at the end.
> probably it didn't parse the file ... but somehow dereferenced memory to an entry in char**environ?
>> where do I file that?
> $ rpm -qf `which chkstat`
> permissions-20170602-1.1.x86_64

From which file was the LF missing?

Can you open a bug and attach this corrupted file?

Ciao, Marcus

On Tuesday, 4 July 2017, 13:17:50 CEST, Marcus Meissner wrote:
> On Tue, Jul 04, 2017 at 01:14:27PM +0200, Bernhard Voelker wrote:
>> On 07/04/2017 12:57 PM, Mathias Homann wrote:
>>> found it. it WAS in fact something in one permissions file... but I would still consider it a serious bug if a piece of software starts parsing the shell environment as file when a configuration file has a LF character at the end.
>> probably it didn't parse the file ... but somehow dereferenced memory to an entry in char**environ?
>>> where do I file that?
>> $ rpm -qf `which chkstat`
>> permissions-20170602-1.1.x86_64
> From which file was the LF missing?
> Can you open a bug and attach this corrupted file?
> Ciao, Marcus

Done.
https://bugzilla.opensuse.org/show_bug.cgi?id=1047247

--
gpg key fingerprint: 5F64 4C92 9B77 DE37 D184 C5F9 B013 44E7 27BD 763C
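
Added example, not part of the original thread and not chkstat code: the grep for the reported string came up empty in this thread, so checking each permissions file against the expected line format is a more direct way to locate a damaged one. The sketch assumes entries of the form "<path> <owner>:<group> <octal mode>"; the function names and sample files are constructed for illustration.

```sh
#!/bin/sh
# Flag permissions-file entries that are not "<path> <owner>:<group> <mode>"
# and files that lack a final newline. Assumed format: '#' comments, blank
# lines and indented "+keyword" lines are legal besides three-field entries.
lint_permissions() {
    rc=0
    for f in "$@"; do
        [ -f "$f" ] || continue      # unmatched glob or directory: skip
        # $(...) drops a trailing LF, so leftover output means no final LF
        if [ -s "$f" ] && [ -n "$(tail -c 1 "$f")" ]; then
            echo "$f: no newline at end of file"
            rc=1
        fi
        awk -v f="$f" '
            function bad(n, why) { printf "%s:%d: %s\n", f, n, why; err = 1 }
            /^[ \t]*(#|$)/     { next }   # comment or blank line
            /^[ \t]+[+]/       { next }   # indented +keyword line
            NF != 3            { bad(NR, "expected 3 fields, got " NF); next }
            $2 !~ /^.+[:.].+$/ { bad(NR, "owner:group malformed"); next }
            $3 !~ /^[0-7]+$/   { bad(NR, "mode is not octal") }
            END { exit err }
        ' "$f" || rc=1
    done
    return $rc
}

# Constructed sample files (not the files from the thread).
make_samples() {
    printf '%s\n' '# ok' '/usr/bin/ping root:root 0755' \
        ' +capabilities cap_net_raw=ep' > "$1/permissions.good"
    printf '%s\n' '/usr/bin/foo root:root 4755' '/usr/bin/baz root 0755' \
        > "$1/permissions.bad"
    printf '%s' '/usr/bin/bar root:root 0755' > "$1/permissions.nonl"
}

tmp=$(mktemp -d)
make_samples "$tmp"
lint_permissions "$tmp"/permissions.* || echo "problems found"
rm -rf "$tmp"
# On a real system:
#   lint_permissions /etc/permissions /etc/permissions.* /etc/permissions.d/*
```
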