Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 293284 Details for
Bug 428496
rpcbind-0.1.4-12.fc8.x86_64.rpm does not update properly
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
Patch to allow proper uid/permissions check on rpcbind.file
rpcbind-0.1.4-rpcuid.patch (text/plain), 3.74 KB, created by
Patrick Monnerat
on 2008-01-29 14:28:04 UTC
(
hide
)
Description:
Patch to allow proper uid/permissions check on rpcbind.file
Filename:
MIME Type:
Creator:
Patrick Monnerat
Created:
2008-01-29 14:28:04 UTC
Size:
3.74 KB
patch
obsolete
>diff -Naur rpcbind-0.1.4.orig/src/rpcbind.c rpcbind-0.1.4.new/src/rpcbind.c >--- rpcbind-0.1.4.orig/src/rpcbind.c 2008-01-29 12:09:29.000000000 +0100 >+++ rpcbind-0.1.4.new/src/rpcbind.c 2008-01-29 13:10:50.000000000 +0100 >@@ -131,6 +131,7 @@ > void *nc_handle; /* Net config handle */ > struct rlimit rl; > int maxrec = RPC_MAXDATASIZE; >+ uid_t rpc_uid = 0; > > parseargs(argc, argv); > >@@ -193,9 +194,21 @@ > (void) signal(SIGHUP, SIG_IGN); > (void) signal(SIGUSR1, SIG_IGN); > (void) signal(SIGUSR2, SIG_IGN); >+ >+ if (runasdaemon || rpcbinduser) { >+ struct passwd *p; >+ char *id = runasdaemon ? RUN_AS : rpcbinduser; >+ >+ if((p = getpwnam(id)) == NULL) { >+ syslog(LOG_ERR, "cannot get uid of '%s': %m", id); >+ exit(1); >+ } >+ rpc_uid = p->pw_uid; >+ } >+ > #ifdef WARMSTART > if (warmstart) { >- read_warmstart(); >+ read_warmstart(rpc_uid); > } > #endif > if (debugging) { >@@ -213,15 +226,8 @@ > } > > if (runasdaemon || rpcbinduser) { >- struct passwd *p; >- char *id = runasdaemon ? RUN_AS : rpcbinduser; >- >- if((p = getpwnam(id)) == NULL) { >- syslog(LOG_ERR, "cannot get uid of '%s': %m", id); >- exit(1); >- } >- if (setuid(p->pw_uid) == -1) { >- syslog(LOG_ERR, "setuid to '%s' failed: %m", id); >+ if (setuid(rpc_uid) == -1) { >+ syslog(LOG_ERR, "setuid to daemon failed: %m"); > exit(1); > } > } >diff -Naur rpcbind-0.1.4.orig/src/rpcbind.h rpcbind-0.1.4.new/src/rpcbind.h >--- rpcbind-0.1.4.orig/src/rpcbind.h 2004-10-25 14:07:44.000000000 +0200 >+++ rpcbind-0.1.4.new/src/rpcbind.h 2008-01-29 13:02:22.000000000 +0100 >@@ -130,7 +130,7 @@ > #endif > > void write_warmstart(void); >-void read_warmstart(void); >+void read_warmstart(uid_t rpc_uid); > > char *addrmerge(struct netbuf *caller, char *serv_uaddr, char *clnt_uaddr, char *netid); > void network_init(void); >diff -Naur rpcbind-0.1.4.orig/src/warmstart.c rpcbind-0.1.4.new/src/warmstart.c >--- rpcbind-0.1.4.orig/src/warmstart.c 2008-01-29 12:09:29.000000000 +0100 >+++ rpcbind-0.1.4.new/src/warmstart.c 2008-01-29 13:04:47.000000000 +0100 >@@ -64,7 +64,7 @@ > #endif > > static bool_t write_struct __P((char *, xdrproc_t, void *)); >-static bool_t read_struct __P((char *, xdrproc_t, void *)); >+static bool_t read_struct __P((char *, xdrproc_t, void *, uid_t)); > > static bool_t > write_struct(char *filename, xdrproc_t structproc, void *list) >@@ -102,7 +102,7 @@ > } > > static bool_t >-read_struct(char *filename, xdrproc_t structproc, void *list) >+read_struct(char *filename, xdrproc_t structproc, void *list, uid_t rpc_uid) > { > FILE *fp; > XDR xdrs; >@@ -113,8 +113,8 @@ > "rpcbind: cannot stat file = %s for reading\n", filename); > goto error; > } >- if ((sbuf.st_uid != 0) || (sbuf.st_mode & S_IRWXG) || >- (sbuf.st_mode & S_IRWXO)) { >+ if ((sbuf.st_uid != 0 && sbuf.st_uid != rpc_uid) || >+ (sbuf.st_mode & S_IRWXG) || (sbuf.st_mode & S_IRWXO)) { > fprintf(stderr, > "rpcbind: invalid permissions on file = %s for reading\n", > filename); >@@ -152,7 +152,7 @@ > } > > void >-read_warmstart() >+read_warmstart(uid_t rpc_uid) > { > rpcblist_ptr tmp_rpcbl = NULL; > #ifdef PORTMAP >@@ -160,20 +160,22 @@ > #endif > int ok1, ok2 = TRUE; > >- ok1 = read_struct(RPCBFILE, (xdrproc_t)xdr_rpcblist_ptr, &tmp_rpcbl); >+ ok1 = read_struct(RPCBFILE, (xdrproc_t)xdr_rpcblist_ptr, &tmp_rpcbl, >+ rpc_uid); > if (ok1 == FALSE) > return; >- #ifdef PORTMAP >- ok2 = read_struct(PMAPFILE, (xdrproc_t)xdr_pmaplist_ptr, &tmp_pmapl); >- #endif >+#ifdef PORTMAP >+ ok2 = read_struct(PMAPFILE, (xdrproc_t)xdr_pmaplist_ptr, &tmp_pmapl, >+ rpc_uid); >+#endif > if (ok2 == FALSE) { > xdr_free((xdrproc_t) xdr_rpcblist_ptr, (char *)&tmp_rpcbl); > return; > } > xdr_free((xdrproc_t) xdr_rpcblist_ptr, (char *)&list_rbl); > list_rbl = tmp_rpcbl; >- #ifdef PORTMAP >+#ifdef PORTMAP > xdr_free((xdrproc_t) xdr_pmaplist_ptr, (char *)&list_pml); > list_pml = tmp_pmapl; >- #endif >+#endif > }
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=293284">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 428496
: 293284