Hello community,
here is the log from the commit of package festival
checked in at Fri Aug 31 15:45:55 CEST 2007.
--------
--- festival/festival.changes 2007-08-27 10:51:22.000000000 +0200
+++ /mounts/work_src_done/STABLE/festival/festival.changes 2007-08-31 12:00:58.000000000 +0200
@@ -1,0 +2,5 @@
+Fri Aug 31 09:47:51 CEST 2007 - mskibbe@suse.de
+
+- Bug 294691 - VUL-0: Festival: Privilege elevation
+
+-------------------------------------------------------------------
New:
----
festival-1.96-chroot.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ festival.spec ++++++
--- /var/tmp/diff_new_pack.M20365/_old 2007-08-31 15:44:36.000000000 +0200
+++ /var/tmp/diff_new_pack.M20365/_new 2007-08-31 15:44:36.000000000 +0200
@@ -17,7 +17,7 @@
Group: Productivity/Text/Convertors
Autoreqprov: on
Version: 1.96
-Release: 60
+Release: 62
Summary: The Festival Speech Synthesis System
Source0: festival-%{version}-beta.tar.bz2
Source1: speech_tools-1.2.96-beta.tar.bz2
@@ -33,6 +33,7 @@
Patch3: festival-text2wave-manpage.patch
Patch4: festival-1.95-libdir.patch
Patch7: festival-1.95-audsp.patch
+Patch8: festival-1.96-chroot.patch
# speech-tools patches
Patch11: speech_tools-1.2.95-gcc4.patch
Patch12: speech_tools-1.2.95-config.patch
@@ -82,6 +83,7 @@
%patch3 -p1
%patch4
%patch7
+%patch8
cd ../speech_tools
#%patch11 -p1
%patch12
@@ -167,6 +169,11 @@
%clean
rm -rf $RPM_BUILD_ROOT
+%pre
+/usr/sbin/groupadd -r festival 2> /dev/null || :
+/usr/sbin/useradd -r -o -g festival -s /bin/false -c "Festival daemon" -d /usr/share/festival/ festival 2> /dev/null || :
+/usr/sbin/usermod -g festival festival 2>/dev/null || :
+
%post
%{fillup_only}
@@ -203,6 +210,8 @@
%_libdir/lib*.a
%changelog
+* Fri Aug 31 2007 - mskibbe@suse.de
+- Bug 294691 - VUL-0: Festival: Privilege elevation
* Mon Aug 27 2007 - mskibbe@suse.de
- fix 64 bit build problem
* Mon Jul 30 2007 - mskibbe@suse.de
++++++ festival-1.96-chroot.patch ++++++
--- src/main/festival_main.cc
+++ src/main/festival_main.cc
@@ -39,6 +39,10 @@
/* */
/*=======================================================================*/
#include <cstdio>
+#include
+#include
+#include
+#include
using namespace std;
@@ -75,6 +79,9 @@
EST_StrList files;
int real_number_of_files = 0;
int heap_size = FESTIVAL_HEAP_SIZE;
+ unsigned int uid = -1;
+ unsigned int gid = -1;
+ struct passwd *pw;
if (festival_check_script_mode(argc,argv) == TRUE)
{ // Need to check this directly as in script mode args are
@@ -106,6 +113,9 @@
" english, spanish and welsh are available\n"+
"--server Run in server mode waiting for clients\n"+
" of server_port (1314)\n"+
+ "--chroot <string> Run server in chroot\n"+
+ "--uid <string> Run server as given user\n"+
+ "--gid <int> Run server with this group\n"+
"--script <ifile>\n"+
" Used in #! scripts, runs in batch mode on\n"+
" file and passes all other args to Scheme\n"+
@@ -123,6 +133,77 @@
exit(0);
}
+ if( al.present( "--uid" ) )
+ {
+ EST_String b = al.sval( "--uid" );
+
+ pw = getpwnam( b.str() );
+ if( pw != NULL )
+ {
+ uid = pw->pw_uid;
+ gid = pw->pw_gid;
+ }
+ else
+ {
+ printf("unknow user\n");
+ festival_error();
+ }
+ }
+
+ if( al.present( "--gid" ) )
+ {
+ gid = al.ival( "--gid" );
+ if( al.present( "--uid" ) )
+ {
+ printf( "useless without --uid\n" );
+ festival_error();
+ }
+ }
+
+ if( al.present( "--chroot" ) )
+ {
+ if( !al.present( "--uid" ) )
+ {
+ printf( "chroot only makes sense in combination with uid switching\n" );
+ festival_error();
+ }
+
+ EST_String a = al.sval( "--chroot" );
+ printf( "chroot to %s\n", a.str() );
+ if( chdir( a.str() ) )
+ {
+ festival_error();
+ }
+ if( chroot( a.str() ) )
+ {
+ festival_error();
+ }
+ if( chdir( "/" ) )
+ {
+ festival_error();
+ }
+ }
+
+ if( al.present( "--uid" ) )
+ {
+ if( setgroups( 1, &gid ) < 0 )
+ {
+ festival_error();
+ }
+
+ if( setgid( gid ) != 0 )
+ {
+ printf( "can't setgid\n" );
+ festival_error();
+ }
+
+ if( setuid( uid ) != 0 )
+ {
+ printf( "can't setuid\n" );
+ festival_error();
+ }
+ }
+
if (al.present("--libdir"))
festival_libdir = wstrdup(al.val("--libdir"));
else if (getenv("FESTLIBDIR") != 0)
++++++ rcfestival ++++++
--- festival/rcfestival 2006-01-23 12:39:53.000000000 +0100
+++ /mounts/work_src_done/STABLE/festival/rcfestival 2007-08-31 12:00:59.000000000 +0200
@@ -27,6 +27,7 @@
# Check for missing binaries (stale symlinks should not happen)
# Note: Special treatment of stop for LSB conformance
+FESTIVAL_PID=/var/run/festival.pid
FESTIVAL_BIN=/usr/bin/festival
test -x $FESTIVAL_BIN || { echo "$FESTIVAL_BIN not installed";
if [ "$1" = "stop" ]; then exit 0;
@@ -44,58 +45,81 @@
# Source LSB init functions
. /etc/rc.status
+FESTIVAL_OPTIONS=""
+
+function prepare_chroot
+{
+ for configfile in /etc/festival.scm $FESTIVAL_CHROOT_FILES; do
+ test -d ${CHROOT_PREFIX}/${configfile%/*} || mkdir -p ${CHROOT_PREFIX}/${configfile%/*}
+ cp -auL ${configfile} ${CHROOT_PREFIX}/${configfile%/*}
+ done
+ FESTIVAL_OPTIONS="${FESTIVAL_OPTIONS} --chroot ${CHROOT_PREFIX}"
+}
+
+if( test "${FESTIVAL_RUN_CHROOTED}" = "yes" )
+then
+ FESTIVAL_OPTIONS="$FESTIVAL_OPTIONS --libdir / --uid festival"
+ CHROOT_PREFIX="/usr/share/festival/"
+ prepare_chroot
+else
+# FESTIVAL_OPTIONS="$FESTIVAL_OPTIONS"
+ CHROOT_PREFIX=""
+fi
+
+
# Reset status of this service
rc_reset
case "$1" in
start)
- echo -n "Starting festival "
- /sbin/startproc $FESTIVAL_BIN --server $FESTIVAL_OPTIONS >/dev/null 2>&1
- rc_status -v
+ echo -n "Starting festival "
+
+ /sbin/startproc -p $FESTIVAL_PID $FESTIVAL_BIN $FESTIVAL_OPTIONS --server >/dev/null 2>&1
+ rc_status -v
;;
stop)
- echo -n "Shutting down festival "
- /sbin/killproc -TERM $FESTIVAL_BIN
- rc_status -v
+ echo -n "Shutting down festival "
+ /sbin/killproc -TERM $FESTIVAL_BIN
+ rc_status -v
;;
try-restart|condrestart)
- if test "$1" = "condrestart"; then
- echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}"
- fi
- $0 status
- if test $? = 0; then
- $0 restart
- else
- rc_reset # Not running is not a failure.
- fi
- rc_status
+ if test "$1" = "condrestart"; then
+ echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}"
+ fi
+ $0 status
+ if test $? = 0; then
+ $0 restart
+ else
+ rc_reset # Not running is not a failure.
+ fi
+ rc_status
;;
restart)
- $0 stop
- $0 start
- rc_status
+ $0 stop
+ $0 start
+ rc_status
;;
force-reload)
- echo -n "Reload service festival "
- /sbin/killproc -HUP $FESTIVAL_BIN
- rc_status -v
+ echo -n "Reload service festival "
+ /sbin/killproc -HUP $FESTIVAL_BIN
+ rc_status -v
;;
reload)
- echo -n "Reload service festival "
- /sbin/killproc -HUP $FESTIVAL_BIN
- rc_status -v
+ echo -n "Reload service festival "
+ /sbin/killproc -HUP $FESTIVAL_BIN
+ rc_status -v
;;
status)
- echo -n "Checking for service festival "
- /sbin/checkproc $FESTIVAL_BIN
- rc_status -v
+ echo -n "Checking for service festival "
+ /sbin/checkproc $FESTIVAL_BIN
+ rc_status -v
;;
probe)
- test /etc/festival.scm -nt /var/run/festival.pid && echo reload
+ test /etc/festival.scm -nt /var/run/festival.pid && echo reload
;;
*)
- echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}"
- exit 1
+ echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}"
+ exit 1
;;
esac
rc_exit
++++++ sysconfig.festival ++++++
--- festival/sysconfig.festival 2006-01-23 12:39:52.000000000 +0100
+++ /mounts/work_src_done/STABLE/festival/sysconfig.festival 2007-08-31 12:00:59.000000000 +0200
@@ -5,3 +5,23 @@
## Default ""
#
FESTIVAL_OPTIONS=""
+
+## Type: yesno
+## Default: yes
+## ServiceRestart: ntp
+#
+# Shall the festival server run in the chroot jail /var/lib/festival?
+#
+# Each time you start festival with the init script, /etc/festival.conf will be
+# copied to /var/lib/festival/etc/.
+#
+FESTIVAL_RUN_CHROOTED="yes"
+
+## Type: string
+## Default: ""
+## ServiceRestart: ntp
+#
+# If the festival server runs in the chroot jail these files will be
+# copied to /var/lib/festival/ besides the default of /etc/festival.scm
+#
+FESTIVAL_CHROOT_FILES=""
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org