Bug 170201 - slocate allows listing directories that can not be viewed with ls -l
slocate allows listing directories that can not be viewed with ls -l
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: slocate (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Miloslav Trmač
Brock Organ
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-10-08 18:56 EDT by Russell Coker
Modified: 2007-11-30 17:11 EST (History)
2 users (show)

See Also:
Fixed In Version: 2.7-28
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-10-10 17:23:31 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
patch to fix this bug (339 bytes, patch)
2005-10-08 18:59 EDT, Russell Coker
no flags Details | Diff

  None (edit)
Description Russell Coker 2005-10-08 18:56:51 EDT
From Bugzilla Helper: User-Agent: Mozilla/5.0 (compatible; Konqueror/3.4; Linux) KHTML/3.4.91 (like Gecko)  Description of problem: if (UID == 0 || check_path_access(strdup(codedpath)))    slocate currently has the above code.  This means that if it is run as root it  will be able to display information on all files unconditionally.  On a non-SE  system this is OK as root will have ultimate access.  On a SE Linux with  targeted policy it's not a problem as the daemons can't run slocate and user  sessions are unconfined (so a user session as root can do everything).    On a SE Linux machine running the strict policy this is not desirable as an  unprivileged root user can list all the files on the system.  We don't  recommend that you have unprivileged root users so in the past this bug has  really only affected me.    Now that we are working on MLS support for LSPP certification this has become  a serious issue.  We don't want a copy of slocate running at "secret"  clearance to be able to see the names of files in a "top secret" classified  directory.   Version-Release number of selected component (if applicable):   How reproducible: Always  Steps to Reproduce: Run locate as an unprivileged root user.   Additional info:
Comment 1 Russell Coker 2005-10-08 18:59:11 EDT
Created attachment 119737 [details]
patch to fix this bug
Comment 2 Miloslav Trmač 2005-10-10 17:23:31 EDT
Fixed in slocate-2.7-28.  Thanks!

Note You need to log in before you can comment on or make changes to this bug.