Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
libcgroup
0001-cgrulesengd-remove-umask-0.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-cgrulesengd-remove-umask-0.patch of Package libcgroup
From 0d88b73d189ea3440ccaab00418d6469f76fa590 Mon Sep 17 00:00:00 2001 From: Michal Hocko <mhocko@suse.com> Date: Wed, 18 Jul 2018 11:24:29 +0200 Subject: [PATCH] cgrulesengd: remove umask(0) One of our partners has noticed that cgred daemon is creating a log file (/var/log/cgred) with too wide permissions (0666) and that is seen as a security bug because an untrusted user can write to otherwise restricted area. CVE-2018-14348 has been assigned to this issue. Signed-off-by: Michal Hocko <mhocko@suse.com> Acked-by: Balbir Singh <bsingharora@gmail.com> --- src/daemon/cgrulesengd.c | 3 --- 1 file changed, 3 deletions(-) Index: libcgroup-0.41.rc1/src/daemon/cgrulesengd.c =================================================================== --- libcgroup-0.41.rc1.orig/src/daemon/cgrulesengd.c +++ libcgroup-0.41.rc1/src/daemon/cgrulesengd.c @@ -885,9 +885,6 @@ int cgre_start_daemon(const char *logp, } else if (pid > 0) { exit(EXIT_SUCCESS); } - - /* Change the file mode mask. */ - umask(0); } else { flog(LOG_DEBUG, "Not using daemon mode\n"); pid = getpid();
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor