/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

  • Committer: Teddy Hogeborn
  • Date: 2014-06-08 03:10:08 UTC
  • Revision ID: teddy@recompile.se-20140608031008-mc9bd7b024a3q0y0
Address a very theoretical possible security issue in mandos-client.

If there were to run some sort of "cleaner" process for /run/tmp (or
/tmp), and mandos-client were to run for long enough for that cleaner
process to remove the temporary directory for GPGME, there was a
possibility that another unprivileged process could trick the (also
unprivileged) mandos-client process to remove other files or symlinks
which the unprivileged mandos-client process was allowed to remove.
This is not currently known to have been exploitable, since there are
no known initramfs environments running such cleaner processes.

* plugins.d/mandos-client.c (main): Use O_NOFOLLOW when opening
                                    tempdir for cleaning.
Filename Latest Rev Last Changed Committer Comment Size
..
askpass-fifo.c 679 10 years ago Teddy Hogeborn Update copyright year. * mandos-keygen: Update co 4.9 KB Diff Download File
askpass-fifo.xml 544 12 years ago Teddy Hogeborn Updated year in copyright notices. 4.9 KB Diff Download File
mandos-client.c 697 10 years ago Teddy Hogeborn Address a very theoretical possible security issue 67.3 KB Diff Download File
mandos-client.xml 666 10 years ago Teddy Hogeborn Bug fix: Free all memory and give better messages 29 KB Diff Download File
password-prompt.c 679 10 years ago Teddy Hogeborn Update copyright year. * mandos-keygen: Update co 13.9 KB Diff Download File
password-prompt.xml 544 12 years ago Teddy Hogeborn Updated year in copyright notices. 9.5 KB Diff Download File
plymouth.c 679 10 years ago Teddy Hogeborn Update copyright year. * mandos-keygen: Update co 12.5 KB Diff Download File
plymouth.xml 544 12 years ago Teddy Hogeborn Updated year in copyright notices. 10.1 KB Diff Download File
splashy.c 679 10 years ago Teddy Hogeborn Update copyright year. * mandos-keygen: Update co 11.6 KB Diff Download File
splashy.xml 544 12 years ago Teddy Hogeborn Updated year in copyright notices. 10.2 KB Diff Download File
usplash.c 679 10 years ago Teddy Hogeborn Update copyright year. * mandos-keygen: Update co 16.2 KB Diff Download File
usplash.xml 544 12 years ago Teddy Hogeborn Updated year in copyright notices. 10.8 KB Diff Download File