Bug 232031 - [SECURITY]SELinux errors, using of system() call in src/ntfs-3g.c
Summary: [SECURITY]SELinux errors, using of system() call in src/ntfs-3g.c
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: ntfs-3g
Version: 6
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Tom "spot" Callaway
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-03-13 17:35 UTC by Jochen Schmitt
Modified: 2007-11-30 22:11 UTC (History)
0 users

Fixed In Version: 1.516-1
Clone Of:
Environment:
Last Closed: 2007-06-26 16:14:01 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
avc messages from /var/log/messages (3.64 KB, text/plain)
2007-03-13 17:35 UTC, Jochen Schmitt 		no flags Details
Patch for solve security weakness (1.16 KB, patch)
2007-03-13 18:29 UTC, Jochen Schmitt 		no flags Details | Diff
View All

Description Jochen Schmitt 2007-03-13 17:35:33 UTC 
In my message log I have found avc message, witch was coused by ntfs-3g.

After a look on the messages, I was wondering, that mount.ntfs want to start the
bash. In the code I found a test on the /sbin/modprobe exectuable. If this
exceubable exist, a system("modeprobe fuse") will done.

The usage of the system() call is a bad idea, becouse it is make possible to
manipulate the localion from where the modprobe will be execute. The usage of an
exec()-like call may be better.

Best Regards:

Jochen Schmitt
Comment 1 Jochen Schmitt 2007-03-13 17:35:33 UTC 
Created attachment 149954 [details]
avc messages from /var/log/messages
Comment 2 Jochen Schmitt 2007-03-13 18:29:37 UTC 
Created attachment 149967 [details]
Patch for solve security weakness

I have added an untested patch which replace the system()-call ba the
fork()/execl()-call.
Comment 3 Tom "spot" Callaway 2007-06-26 16:14:01 UTC 
This is fixed in 1.516-1 or later ntfs-3g packages.
Note You need to log in before you can comment on or make changes to this bug.