[quota] Do not allow non-root to control quota_nld service
Petr Pisar
ppisar at fedoraproject.org
Fri Feb 4 12:05:55 UTC 2011
commit 735d99b14ebef9aa775b82f2fff17cca07c9f48c
Author: Petr Písař <ppisar at redhat.com>
Date: Fri Feb 4 13:04:49 2011 +0100
Do not allow non-root to control quota_nld service
quota.spec | 1 +
quota_nld.init | 2 ++
2 files changed, 3 insertions(+), 0 deletions(-)
---
diff --git a/quota.spec b/quota.spec
index d3f9b8b..f224810 100644
--- a/quota.spec
+++ b/quota.spec
@@ -267,6 +267,7 @@ rm -rf %{buildroot}
%changelog
* Fri Feb 04 2011 Petr Pisar <ppisar at redhat.com> - 1:4.00-0.6.pre1
- Store quota_nld PID into PID file (bug #634137)
+- Do not allow non-root to control quota_nld service (bug #634137)
* Wed Feb 02 2011 Petr Pisar <ppisar at redhat.com> - 1:4.00-0.5.pre1
- Correct manual pages
diff --git a/quota_nld.init b/quota_nld.init
old mode 100755
new mode 100644
index e54deec..1b52453
--- a/quota_nld.init
+++ b/quota_nld.init
@@ -29,6 +29,7 @@ prog="quota_nld"
lockfile=/var/lock/subsys/$prog
start() {
+ [ "$(id -u)" -eq 0 ] || exit 4
[ -x $exec ] || exit 5
echo -n $"Starting $prog: "
daemon $exec $QUOTA_NLD_OPTS
@@ -39,6 +40,7 @@ start() {
}
stop() {
+ [ "$(id -u)" -eq 0 ] || exit 4
echo -n $"Stopping $prog: "
killproc $prog
retval=$?
More information about the scm-commits
mailing list