Attachment 601804 Details for Bug 845106 – Patch for CVE-2012-3447 for folsom

[patch] Patch for CVE-2012-3447 for folsom

CVE-2012-3447-folsom.patch (text/plain), 1.35 KB, created by Kurt Seifried on 2012-08-01 19:17:37 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Kurt Seifried

Created: 2012-08-01 19:17:37 UTC

Size: 1.35 KB

patch

obsolete

>From 6f4751d6bddc12c910b7d72ec1354d3b9d6d884a Mon Sep 17 00:00:00 2001
>From: =?UTF-8?q?P=C3=A1draig=20Brady?= <pbrady@redhat.com>
>Date: Tue, 31 Jul 2012 14:05:35 +0100
>Subject: [PATCH] Prohibit file injection writing to host filesystem
>
>This is a refinement of the previous fix in commit 2427d4a9,
>which does the file name canonicalization as the root user.
>This is required so that guest images could not for example,
>protect malicious symlinks in a directory only readable by root.
>
>Change-Id: I7f7cdeeffadebae7451e1e13f73f1313a7df9c5c
>---
> nova/virt/disk/api.py |    4 +++-
> 1 files changed, 3 insertions(+), 1 deletions(-)
>
>diff --git a/nova/virt/disk/api.py b/nova/virt/disk/api.py
>index af14e3f..5b79e14 100644
>--- a/nova/virt/disk/api.py
>+++ b/nova/virt/disk/api.py
>@@ -335,7 +335,9 @@ def _join_and_check_path_within_fs(fs, *args):
>     mounted guest fs.  Trying to be clever and specifying a
>     path with '..' in it will hit this safeguard.
>     '''
>-    absolute_path = os.path.realpath(os.path.join(fs, *args))
>+    absolute_path, _err = utils.execute('readlink', '-m',
>+                                        os.path.join(fs, *args),
>+                                        run_as_root=True)
>     if not absolute_path.startswith(os.path.realpath(fs) + '/'):
>         raise exception.Invalid(_('injected file path not valid'))
>     return absolute_path
>-- 
>1.7.6.4
>

Actions: View | Diff

Attachments on bug 845106: 601803 | 601804