[mingetty] Check for chroot() and others result
Petr Pisar
ppisar at fedoraproject.org
Tue Oct 26 16:05:15 UTC 2010
commit 5f48a2b8970d1718269737ed1ed3502f9b46ce25
Author: Petr Písař <ppisar at redhat.com>
Date: Tue Oct 26 15:34:17 2010 +0200
Check for chroot() and others result
mingetty-1.08-check_chroot_chdir_nice.patch | 34 +++++++++++++++++++++++++++
mingetty.spec | 14 ++++++++---
2 files changed, 44 insertions(+), 4 deletions(-)
---
diff --git a/mingetty-1.08-check_chroot_chdir_nice.patch b/mingetty-1.08-check_chroot_chdir_nice.patch
new file mode 100644
index 0000000..911cda8
--- /dev/null
+++ b/mingetty-1.08-check_chroot_chdir_nice.patch
@@ -0,0 +1,34 @@
+Check chdir() on chroot() syscalls (and similar) as chroot without proper
+chdir() allows to escape from changed root.
+
+http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=597382
+--- a/mingetty.c
++++ b/mingetty.c
+@@ -414,12 +431,21 @@
+ while ((logname = get_logname ()) == 0)
+ /* do nothing */ ;
+
+- if (ch_root)
+- chroot (ch_root);
+- if (ch_dir)
+- chdir (ch_dir);
+- if (priority)
+- nice (priority);
++ if (ch_root) {
++ if (chroot (ch_root))
++ error ("chroot(\"%s\") failed: %s", ch_root, strerror (errno));
++ if (chdir("/"))
++ error ("chdir(\"/\") failed: %s", strerror (errno));
++ }
++ if (ch_dir) {
++ if (chdir (ch_dir))
++ error ("chdir(\"%s\") failed: %s", ch_dir, strerror (errno));
++ }
++ if (priority) {
++ errno = 0; /* see the nice(2) NOTES for why we do this */
++ if ((nice(priority) == -1) && (errno != 0))
++ error ("nice(%d) failed: %s", priority, strerror (errno));
++ }
+
+ execl (loginprog, loginprog, autologin? "-f" : "--", logname, NULL);
+ error ("%s: can't exec %s: %s", tty, loginprog, strerror (errno));
diff --git a/mingetty.spec b/mingetty.spec
index a1b3cca..75f33a7 100644
--- a/mingetty.spec
+++ b/mingetty.spec
@@ -2,12 +2,14 @@ Summary: A compact getty program for virtual consoles only
Name: mingetty
Version: 1.08
License: GPLv2+
-Release: 4%{?dist}
+Release: 5%{?dist}
Group: System Environment/Base
+BuildRoot: %{_tmppath}/%{name}-root
URL: http://sourceforge.net/projects/mingetty/
Source: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
-Patch: mingetty-1.00-opt.patch
-BuildRoot: %{_tmppath}/%{name}-root
+Patch0: mingetty-1.00-opt.patch
+# Bug #635412
+Patch1: mingetty-1.08-check_chroot_chdir_nice.patch
%description
The mingetty program is a lightweight, minimalist getty program for
@@ -16,7 +18,8 @@ lines (you should use the mgetty program in that case).
%prep
%setup -q
-%patch -p1
+%patch0 -p1 -b .opt
+%patch1 -p1 -b .chroot
%build
make "RPM_OPTS=$RPM_OPT_FLAGS"
@@ -38,6 +41,9 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man8/mingetty.*
%changelog
+* Tue Oct 26 2010 Petr Pisar <ppisar at redhat.com> - 1.08-5
+- Check chroot(), chdir(), and nice() (bug #635412)
+
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.08-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
More information about the scm-commits
mailing list