mirrors/libguestfs
1
0
Fork 0
mirror of https://github.com/libguestfs/libguestfs.git synced 2026-03-22 07:03:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
oldlinux
libguestfs/fish
History
Richard W.M. Jones 6a451ff65c fish: CVE-2013-4419: Fix insecure temporary directory handling for remote guestfish (RHBZ#1016960). 
When using the guestfish --remote or guestfish --listen options,
guestfish would create a socket in a known location
(/tmp/.guestfish-$UID/socket-$PID).

The location has to be a known one in order for both ends to
communicate.  However no checking was done that the containing
directory (/tmp/.guestfish-$UID) is owned by the user.  Thus another
user could create this directory and potentially modify sockets owned
by another user's guestfish client or server.

This commit fixes the issue by creating the directory unconditionally,
and then checking that the directory has the correct owner and
permissions, thus preventing another user from creating the directory
first.

If guestfish sees a suspicious socket directory it will print an error
like this and exit with an error status:

  guestfish: '/tmp/.guestfish-1000' is not a directory or has insecure owner or permissions

Thanks: Michael Scherer for discovering this issue.

Version 2:
 - Add assigned CVE number.
 - Update documentation.

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 54fb09e052)
(cherry picked from commit b23fca294e)
2013-10-17 13:21:23 +01:00
..
alloc.c
Add support for hotplugging (adding disks) to the libvirt attach-method.
2012-10-08 20:04:53 +01:00
cmds-gperf.h
build: Rename most C files that contain underscore with dash.
2012-07-19 16:11:47 +01:00
config.c
Remove use of gnulib progname module.
2013-05-28 18:48:50 +01:00
copy.c
fish: Use CLEANUP_* macros in a lot of places.
2013-02-14 16:12:44 +00:00
destpaths.c
fish: Use guestfs___{free_string_list,count_strings} utility functions.
2013-03-05 18:39:52 +00:00
display.c
fish: Use CLEANUP_* macros in a lot of places.
2013-02-14 16:12:44 +00:00
domain.c
syntax: Remove include <assert.h> where assert is not used.
2012-09-15 12:32:41 +01:00
echo.c
Update FSF address.
2011-11-08 14:43:07 +00:00
edit.c
Update copyright dates for 2013.
2013-02-14 16:13:29 +00:00
events.c
Remove all occurrences of the bad_cast (lowercase) function.
2013-02-14 16:12:30 +00:00
fish.c
fish: Split up long line in --help output.
2013-07-26 15:55:13 +01:00
fish.h
fish: Use guestfs___{free_string_list,count_strings} utility functions.
2013-03-05 18:39:52 +00:00
glob.c
fish: Use guestfs___{free_string_list,count_strings} utility functions.
2013-03-05 18:39:52 +00:00
guestfish-bash-completion.sh
Update FSF address.
2011-11-08 14:43:07 +00:00
guestfish.pod
fish: CVE-2013-4419: Fix insecure temporary directory handling for remote guestfish (RHBZ#1016960).
2013-10-17 13:21:23 +01:00
help.c
Remove "convenience header" "gettext.h" and use <libintl.h> instead.
2012-05-01 08:57:55 +01:00
hexedit.c
Remove TMP_TEMPLATE_ON_STACK macro.
2013-02-14 16:12:34 +00:00
inspect.c
Remove use of gnulib progname module.
2013-05-28 18:48:50 +01:00
keys.c
getline: Rename &n parameter as &allocsize.
2013-02-14 16:20:21 +00:00
lcd.c
Remove "convenience header" "gettext.h" and use <libintl.h> instead.
2012-05-01 08:57:55 +01:00
libguestfs-tools.conf
Add /etc/libguestfs-tools.conf configuration file.
2011-03-31 15:42:13 +01:00
Makefile.am
lib: Create libutils convenience library.
2013-03-05 18:39:24 +00:00
man.c
utils: Fix error messages for external commands that fail (RHBZ#921040).
2013-03-31 10:12:24 +01:00
more.c
Update copyright dates for 2013.
2013-02-14 16:13:29 +00:00
options.c
fish: For -N option, add drive with explicit format = "raw".
2013-07-26 15:55:13 +01:00
options.h
fuse: Allow specifying the fstype of a mount
2013-05-28 18:48:52 +01:00
prep-boot.c
fish: Use CLEANUP_* macros in a lot of places.
2013-02-14 16:12:44 +00:00
prep-disk.c
build: Rename most C files that contain underscore with dash.
2012-07-19 16:11:47 +01:00
prep-fs.c
fish: Use CLEANUP_* macros in a lot of places.
2013-02-14 16:12:44 +00:00
prep-lv.c
fish: Use CLEANUP_* macros in a lot of places.
2013-02-14 16:12:44 +00:00
prep-part.c
build: Rename most C files that contain underscore with dash.
2012-07-19 16:11:47 +01:00
prep.c
Remove all occurrences of the bad_cast (lowercase) function.
2013-02-14 16:12:30 +00:00
progress.c
tools, tests: Use "guestfs-internal-frontend.h" header.
2013-02-14 16:19:44 +00:00
progress.h
Tempus fugit.
2012-01-18 22:05:02 +00:00
rc_protocol.x
Rename global 'xdr_str'.
2010-08-25 11:41:17 +01:00
rc.c
fish: CVE-2013-4419: Fix insecure temporary directory handling for remote guestfish (RHBZ#1016960).
2013-10-17 13:21:23 +01:00
reopen.c
New API: guestfs_shutdown: Cleanly shutdown the backend.
2012-07-03 21:27:29 +01:00
setenv.c
Remove "convenience header" "gettext.h" and use <libintl.h> instead.
2012-05-01 08:57:55 +01:00
supported.c
fish: Use CLEANUP_* macros in a lot of places.
2013-02-14 16:12:44 +00:00
test-a.sh
launch: Treat /dev/null specially, for old KVM.
2012-06-25 11:20:35 +01:00
test-add-domain.sh
tests: Move debug-drives testing API to launch.c and change the output.
2012-07-23 20:17:24 +01:00
test-copy.sh
build: Return 77 from skipped tests.
2012-07-19 11:22:40 +01:00
test-d.sh
tests: Move debug-drives testing API to launch.c and change the output.
2012-07-23 20:17:24 +01:00
test-edit.sh
build: Return 77 from skipped tests.
2012-07-19 11:22:40 +01:00
test-escapes.sh
fish: Change test-escapes so test is not endian-sensitive.
2012-06-09 20:18:09 +01:00
test-events.sh
fish/test-events.sh: ignore "trace get_path" line
2013-05-28 18:48:53 +01:00
test-find0.sh
fish: Rename tests and make test paths relative.
2012-03-12 15:09:15 +00:00
test-glob.sh
fish: Add a regression test for the 'glob' command.
2012-05-02 16:35:43 +01:00
test-inspect.sh
tests: Replace 'make extra-tests' with individual tests.
2012-11-13 15:26:29 +00:00
test-mount-local.sh
build: Return 77 from skipped tests.
2012-07-19 11:22:40 +01:00
test-prep.sh
tests: Replace 'make extra-tests' with individual tests.
2012-11-13 15:26:29 +00:00
test-read-file.sh
build: Rename most C files that contain underscore with dash.
2012-07-19 16:11:47 +01:00
test-remote-events.sh
fish: Fix test-remote-events test.
2012-11-22 09:56:01 +00:00
test-remote.sh
Replace mount-options with mount where appropriate.
2012-08-18 22:08:29 +01:00
test-reopen.sh
fish: Rename tests and make test paths relative.
2012-03-12 15:09:15 +00:00
test-run.sh
tests: Replace 'make extra-tests' with individual tests.
2012-11-13 15:26:29 +00:00
test-stringlist.sh
fish: Rename tests and make test paths relative.
2012-03-12 15:09:15 +00:00
test-tilde.sh
fish: Rename tests and make test paths relative.
2012-03-12 15:09:15 +00:00
test-upload-to-dir.sh
fish: Rename tests and make test paths relative.
2012-03-12 15:09:15 +00:00
tilde.c
Replace 'int' with 'size_t' passim.
2012-03-13 08:23:56 +00:00
time.c
Remove "convenience header" "gettext.h" and use <libintl.h> instead.
2012-05-01 08:57:55 +01:00
virt-copy-in
Update FSF address.
2011-11-08 14:43:07 +00:00
virt-copy-in.pod
man pages: Ensure consistent copyright/author sections, remove license
2012-08-21 20:16:29 +01:00
virt-copy-out
Update FSF address.
2011-11-08 14:43:07 +00:00
virt-copy-out.pod
man pages: Ensure consistent copyright/author sections, remove license
2012-08-21 20:16:29 +01:00
virt-tar-in
Update FSF address.
2011-11-08 14:43:07 +00:00
virt-tar-in.pod
man pages: Ensure consistent copyright/author sections, remove license
2012-08-21 20:16:29 +01:00
virt-tar-out
Update FSF address.
2011-11-08 14:43:07 +00:00
virt-tar-out.pod
man pages: Ensure consistent copyright/author sections, remove license
2012-08-21 20:16:29 +01:00