mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-23 07:21:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

sys-auth/polkit: bugfix for CVE-2018-19788 fix

Browse Source 
https://gitlab.freedesktop.org/polkit/polkit/issues/77
This commit is contained in:
Benjamin Gilbert 2019-08-23 23:51:56 -04:00
parent a6a6275a6b
commit 31a4b11f99
2 changed files with 48 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
sdk_container/src/third_party/coreos-overlay/sys-auth/polkit/files/polkit-0.113-allow-uid-of-1-for-a-PolkitUnixProcess.patch vendored Normal file
View File

@ -0,0 +1,47 @@
From 87aec8b7275665c85fe22bcc8e74d2a0422535ce Mon Sep 17 00:00:00 2001
From: Matthew Leeds <matthew.leeds@endlessm.com>
Date: Tue, 11 Dec 2018 12:04:26 -0800
Subject: [PATCH] Allow uid of -1 for a PolkitUnixProcess
Commit 2cb40c4d5 changed PolkitUnixUser, PolkitUnixGroup, and
PolkitUnixProcess to allow negative values for their uid/gid properties,
since these are values above INT_MAX which wrap around but are still
valid, with the exception of -1 which is not valid. However,
PolkitUnixProcess allows a uid of -1 to be passed to
polkit_unix_process_new_for_owner() which means polkit is expected to
figure out the uid on its own (this happens in the _constructed
function). So this commit removes the check in
polkit_unix_process_set_property() so that new_for_owner() can be used
as documented without producing a critical error message.
This does not affect the protection against CVE-2018-19788 which is
based on creating a user with a UID up to but not including 4294967295
(-1).
---
src/polkit/polkitunixprocess.c | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/src/polkit/polkitunixprocess.c b/src/polkit/polkitunixprocess.c
index 2c57813..93dea3c 100644
--- a/src/polkit/polkitunixprocess.c
+++ b/src/polkit/polkitunixprocess.c
@@ -142,14 +142,9 @@ polkit_unix_process_set_property (GObject *object,
polkit_unix_process_set_pid (unix_process, g_value_get_int (value));
break;
- case PROP_UID: {
- gint val;
-
- val = g_value_get_int (value);
- g_return_if_fail (val != -1);
- polkit_unix_process_set_uid (unix_process, val);
+ case PROP_UID:
+ polkit_unix_process_set_uid (unix_process, g_value_get_int (value));
break;
- }
case PROP_START_TIME:
polkit_unix_process_set_start_time (unix_process, g_value_get_uint64 (value));
--
2.21.0

1
sdk_container/src/third_party/coreos-overlay/sys-auth/polkit/polkit-0.113-r4.ebuild → sdk_container/src/third_party/coreos-overlay/sys-auth/polkit/polkit-0.113-r5.ebuild vendored
View File

@ -66,6 +66,7 @@ src_prepare() {
sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die #401513
epatch ${FILESDIR}/polkit-0.113-gir-cross-compile.patch
epatch ${FILESDIR}/polkit-0.113-allow-negative-uids-gids.patch
epatch ${FILESDIR}/polkit-0.113-allow-uid-of-1-for-a-PolkitUnixProcess.patch
}
src_configure() {