diff options
author | Panu Matilainen <pmatilai@redhat.com> | 2010-06-03 11:04:12 +0300 |
---|---|---|
committer | Panu Matilainen <pmatilai@redhat.com> | 2010-06-11 11:48:01 +0300 |
commit | e61d6b1cea27c1cd9aa3143032d96d2e6cdc9830 (patch) | |
tree | 856abc121105f1ce2574b06cb9e19d78ab12d884 | |
parent | ff3e5e5744e0c28e46dc28413738e20b5f807cce (diff) | |
download | rpm-e61d6b1cea27c1cd9aa3143032d96d2e6cdc9830.tar.gz |
Remove POSIX file capabilities from executables on erase/rename too
- Just like suid/sgid bits, hardlinks to executables with capabilities
set can "leak" permissions to old, potentially vulnerable versions
of binaries. Related to RhBug:598775.
(cherry picked from commit 4d172a194addc49851e558ea390d3045894e3230)
-rw-r--r-- | lib/fsm.c | 9 |
1 files changed, 7 insertions, 2 deletions
@@ -1323,10 +1323,15 @@ static const char * rpmteTypeString(rpmte te) static void removeSBITS(const char *path) { struct stat stb; - if (lstat(path, &stb) == 0) { - if (S_ISREG(stb.st_mode) && (stb.st_mode & 06000) != 0) { + if (lstat(path, &stb) == 0 && S_ISREG(stb.st_mode)) { + if ((stb.st_mode & 06000) != 0) { (void) chmod(path, stb.st_mode & 0777); } +#if WITH_CAP + if (stb.st_mode & (S_IXUSR|S_IXGRP|S_IXOTH)) { + (void) cap_set_file(path, NULL); + } +#endif } } |