Remove POSIX file capabilities from executables on erase/rename too

- Just like suid/sgid bits, hardlinks to executables with capabilities set can "leak" permissions to old, potentially vulnerable versions of binaries. Related to RhBug:598775. (cherry picked from commit 4d172a194addc49851e558ea390d3045894e3230)
author: Panu Matilainen <pmatilai@redhat.com> 2010-06-03 11:04:12 +0300
committer: Panu Matilainen <pmatilai@redhat.com> 2010-06-11 11:48:01 +0300
commit: e61d6b1cea27c1cd9aa3143032d96d2e6cdc9830 (patch)
tree: 856abc121105f1ce2574b06cb9e19d78ab12d884
parent: ff3e5e5744e0c28e46dc28413738e20b5f807cce (diff)
download: rpm-e61d6b1cea27c1cd9aa3143032d96d2e6cdc9830.tar.gz
1 files changed, 7 insertions, 2 deletions
diff --git a/lib/fsm.c b/lib/fsm.c
index 5342a2890..7cdefab2d 100644
--- a/lib/fsm.c
+++ b/lib/fsm.c
@@ -1323,10 +1323,15 @@ static const char * rpmteTypeString(rpmte te)
 static void removeSBITS(const char *path)
 {
     struct stat stb;
-    if (lstat(path, &stb) == 0) {
-	if (S_ISREG(stb.st_mode) && (stb.st_mode & 06000) != 0) {
+    if (lstat(path, &stb) == 0 && S_ISREG(stb.st_mode)) {
+	if ((stb.st_mode & 06000) != 0) {
 	    (void) chmod(path, stb.st_mode & 0777);
 	}
+#if WITH_CAP
+	if (stb.st_mode & (S_IXUSR|S_IXGRP|S_IXOTH)) {
+	    (void) cap_set_file(path, NULL);
+	}
+#endif
     }
 }
author	Panu Matilainen <pmatilai@redhat.com>	2010-06-03 11:04:12 +0300
committer	Panu Matilainen <pmatilai@redhat.com>	2010-06-11 11:48:01 +0300
commit	e61d6b1cea27c1cd9aa3143032d96d2e6cdc9830 (patch)
tree	856abc121105f1ce2574b06cb9e19d78ab12d884
parent	ff3e5e5744e0c28e46dc28413738e20b5f807cce (diff)
download	rpm-e61d6b1cea27c1cd9aa3143032d96d2e6cdc9830.tar.gz