diff options
| author |   gilles <gilles@openbsd.org> | 2015-10-02 00:41:25 +0000 |
|---|---|---|
| committer | gilles <gilles@openbsd.org> | 2015-10-02 00:41:25 +0000 |
| commit | 0fe61fc9a85516f4b276a945ba9f4a697bf24720 (patch) | |
| tree | 5cb7bd72b2e2725d0e908e3db27b638b70543453 | |
| parent | prevent users from playing hardlink/symlink/mkfifo games with their offline (diff) | |
| download | wireguard-openbsd-0fe61fc9a85516f4b276a945ba9f4a697bf24720.tar.xz wireguard-openbsd-0fe61fc9a85516f4b276a945ba9f4a697bf24720.zip | |
in secure_file(), make uid checking on .forward files more strict to avoid
users creating hardlink to root-owned files and leaking first line.
reported by Qualys Security
| -rw-r--r-- | usr.sbin/smtpd/util.c | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/usr.sbin/smtpd/util.c b/usr.sbin/smtpd/util.c index 330878abf80..f40cc40148d 100644 --- a/usr.sbin/smtpd/util.c +++ b/usr.sbin/smtpd/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.114 2015/08/16 20:53:19 gilles Exp $ */ +/* $OpenBSD: util.c,v 1.115 2015/10/02 00:41:25 gilles Exp $ */ /* * Copyright (c) 2000,2001 Markus Friedl. All rights reserved. @@ -500,9 +500,6 @@ valid_domainpart(const char *s) return res_hnok(s); } -/* - * Check file for security. Based on usr.bin/ssh/auth.c. - */ int secure_file(int fd, char *path, char *userdir, uid_t uid, int mayread) { @@ -520,7 +517,7 @@ secure_file(int fd, char *path, char *userdir, uid_t uid, int mayread) /* Check the open file to avoid races. */ if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode) || - (st.st_uid != 0 && st.st_uid != uid) || + st.st_uid != uid || (st.st_mode & (mayread ? 022 : 066)) != 0) return 0; |