NetBSD Problem Report #32804
From smb@cs.columbia.edu Sun Feb 12 14:02:39 2006
Return-Path: <smb@cs.columbia.edu>
Received: from machshav.com (machshav.com [147.28.0.16])
by narn.netbsd.org (Postfix) with ESMTP id 83BEB63B879
for <gnats-bugs@gnats.NetBSD.org>; Sun, 12 Feb 2006 14:02:37 +0000 (UTC)
Message-Id: <20060212140235.E09D1BB03B@bigboy.machshav.com>
Date: Sun, 12 Feb 2006 09:02:35 -0500 (EST)
From: smb@cs.columbia.edu
Reply-To: smb@cs.columbia.edu
To: gnats-bugs@netbsd.org
Subject: minor security glitch in Xsession (xorg and xsrc)
X-Send-Pr-Version: 3.95
>Number: 32804
>Category: pkg
>Synopsis: there's a race condition setting log file permissions in Xsession
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: joerg
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sun Feb 12 14:05:00 +0000 2006
>Closed-Date: Thu Oct 05 11:27:44 +0000 2006
>Last-Modified: Thu Oct 05 11:27:44 +0000 2006
>Originator: Steven M. Bellovin
>Release: NetBSD 3.99.15
>Organization:
>Environment:
System: NetBSD bigboy.machshav.com 3.99.15 NetBSD 3.99.15 (BIGBOY) #0: Fri Feb 10 08:50:25 EST 2006 smb@bigboy.machshav.com:/usr/BUILD/obj/sys/arch/i386/compile/BIGBOY i386
Architecture: i386
Machine: i386
>Description:
Near the start of Xsession -- both the pkgsrc and xsrc versions --
there is the following code:
if ( cp /dev/null "$errfile" 2> /dev/null )
then
chmod 600 "$errfile"
an attacker who got in at just the right time could open the file
for read before the chmod.
>How-To-Repeat:
See above
>Fix:
Delete the chmod and change the first line to
if (umask 077 && cp /dev/null "$errfile" 2> /dev/null )
>Release-Note:
>Audit-Trail:
From: Christos Zoulas <christos@netbsd.org>
To: gnats-bugs@netbsd.org
Cc:
Subject: PR/32804 CVS commit: xsrc/xfree/xc/programs/xdm/config
Date: Sun, 12 Feb 2006 16:20:10 +0000 (UTC)
Module Name: xsrc
Committed By: christos
Date: Sun Feb 12 16:20:10 UTC 2006
Modified Files:
xsrc/xfree/xc/programs/xdm/config: Xsession
Log Message:
PR/32804: Steven M. Bellovin: Fix race condition setting log file permissions
in Xsession
To generate a diff of this commit:
cvs rdiff -r1.2 -r1.3 xsrc/xfree/xc/programs/xdm/config/Xsession
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Responsible-Changed-From-To: xsrc-manager->pending
Responsible-Changed-By: christos@netbsd.org
Responsible-Changed-When: Sun, 12 Feb 2006 11:38:10 -0500
Responsible-Changed-Why:
x.org needs fixing now.
Responsible-Changed-From-To: pending->joerg
Responsible-Changed-By: wiz@netbsd.org
Responsible-Changed-When: Sun, 12 Feb 2006 17:29:41 +0000
Responsible-Changed-Why:
For x.org.
From: Joerg Sonnenberger <joerg@netbsd.org>
To: gnats-bugs@netbsd.org
Cc:
Subject: PR/32804 CVS commit: pkgsrc/x11
Date: Tue, 14 Feb 2006 16:10:40 +0000 (UTC)
Module Name: pkgsrc
Committed By: joerg
Date: Tue Feb 14 16:10:40 UTC 2006
Modified Files:
pkgsrc/x11/xorg-clients: Makefile
pkgsrc/x11/xorg-libs: distinfo
pkgsrc/x11/xorg-libs/patches: patch-ax
Log Message:
Fix race condition in xdm's Xsession. From PR 32804.
To generate a diff of this commit:
cvs rdiff -r1.24 -r1.25 pkgsrc/x11/xorg-clients/Makefile
cvs rdiff -r1.33 -r1.34 pkgsrc/x11/xorg-libs/distinfo
cvs rdiff -r1.3 -r1.4 pkgsrc/x11/xorg-libs/patches/patch-ax
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: Lubomir Sedlacik <salo@netbsd.org>
To: gnats-bugs@netbsd.org
Cc:
Subject: PR/32804 CVS commit: [pkgsrc-2005Q4] pkgsrc/x11
Date: Wed, 15 Feb 2006 15:45:17 +0000 (UTC)
Module Name: pkgsrc
Committed By: salo
Date: Wed Feb 15 15:45:17 UTC 2006
Modified Files:
pkgsrc/x11/xorg-clients [pkgsrc-2005Q4]: Makefile
pkgsrc/x11/xorg-libs [pkgsrc-2005Q4]: distinfo
Added Files:
pkgsrc/x11/xorg-libs/patches [pkgsrc-2005Q4]: patch-ax
Log Message:
Pullup ticket 1133 - requested by Joerg Sonnenberger
fix race condition in xorg's Xsession
Patch provided by the submitter.
Module Name: pkgsrc
Committed By: joerg
Date: Tue Feb 14 16:10:40 UTC 2006
Modified Files:
pkgsrc/x11/xorg-clients: Makefile
pkgsrc/x11/xorg-libs: distinfo
pkgsrc/x11/xorg-libs/patches: patch-ax
Log Message:
Fix race condition in xdm's Xsession. From PR 32804.
To generate a diff of this commit:
cvs rdiff -r1.17 -r1.17.2.1 pkgsrc/x11/xorg-clients/Makefile
cvs rdiff -r1.25 -r1.25.2.1 pkgsrc/x11/xorg-libs/distinfo
cvs rdiff -r0 -r1.2.8.1 pkgsrc/x11/xorg-libs/patches/patch-ax
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: open->closed
State-Changed-By: joerg@netbsd.org
State-Changed-When: Mon, 20 Feb 2006 13:10:16 +0000
State-Changed-Why:
fixed in pkgsrc as well
State-Changed-From-To: closed->open
State-Changed-By: joerg@netbsd.org
State-Changed-When: Mon, 20 Feb 2006 13:46:22 +0000
State-Changed-Why:
Reopen until x11/XFree86 is investigated.
State-Changed-From-To: open->closed
State-Changed-By: joerg@netbsd.org
State-Changed-When: Thu, 05 Oct 2006 11:27:44 +0000
State-Changed-Why:
XFree86 is gone.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.