r1123 - trunk/util-linux

archaic at linuxfromscratch.org archaic at linuxfromscratch.org
Thu Sep 15 15:55:16 PDT 2005


Author: archaic
Date: 2005-09-15 16:55:14 -0600 (Thu, 15 Sep 2005)
New Revision: 1123

Added:
   trunk/util-linux/util-linux-2.12q-umount_fix-1.patch
Log:
Added patch to fix util-linux remount vulnerability.

Added: trunk/util-linux/util-linux-2.12q-umount_fix-1.patch
===================================================================
--- trunk/util-linux/util-linux-2.12q-umount_fix-1.patch	2005-09-15 21:32:49 UTC (rev 1122)
+++ trunk/util-linux/util-linux-2.12q-umount_fix-1.patch	2005-09-15 22:55:14 UTC (rev 1123)
@@ -0,0 +1,20 @@
+Submitted By: Archaic <archaic AT linuxfromscratch D0T org>
+Date: 2005-09-15
+Initial Package Version: 2.12q
+Upstream Status: Applying upstream
+Origin: upstream
+Description: Fixes a local priviledge escalation in umount where a user can
+             remount a partition to bypass the nosuid option
+
+diff -Naur util-linux-2.12q.orig/mount/umount.c util-linux-2.12q/mount/umount.c
+--- util-linux-2.12q.orig/mount/umount.c	2004-12-20 22:03:45.000000000 +0000
++++ util-linux-2.12q/mount/umount.c	2005-09-15 22:29:28.000000000 +0000
+@@ -714,7 +714,7 @@
+ 
+ 	if (getuid () != geteuid ()) {
+ 		suid = 1;
+-		if (all || types || nomtab || force)
++		if (all || types || nomtab || force || remount)
+ 			die (2, _("umount: only root can do that"));
+ 	}
+ 




More information about the patches mailing list