r1351 - in trunk: . sudo

bdubbs at linuxfromscratch.org bdubbs at linuxfromscratch.org
Tue Jan 17 17:07:07 PST 2006


Author: bdubbs
Date: 2006-01-17 18:07:06 -0700 (Tue, 17 Jan 2006)
New Revision: 1351

Added:
   trunk/sudo/
   trunk/sudo/sudo-1.6.8p12-envvar_fix-1.patch
Log:
Add sudo environment variable patch

Added: trunk/sudo/sudo-1.6.8p12-envvar_fix-1.patch
===================================================================
--- trunk/sudo/sudo-1.6.8p12-envvar_fix-1.patch	2006-01-17 06:18:46 UTC (rev 1350)
+++ trunk/sudo/sudo-1.6.8p12-envvar_fix-1.patch	2006-01-18 01:07:06 UTC (rev 1351)
@@ -0,0 +1,59 @@
+Submitted By: Archaic (archaic -aT- linuxfromscratch -DoT- org)
+Date: 2005-01-17
+Initial Package Version: 1.6.8p12
+Origin: Upstream CVS
+Upstream Status: In CVS
+Description: (CVE-2005-4158) Sudo before 1.6.8 p12, when the Perl taint flag is
+	     off, does not clear the PERLLIB, PERL5LIB, and PERL5OPT environment
+	     variables, which allows limited local users to cause a Perl script
+	     to include and execute arbitrary library files that have the same
+             name as library files that are included by the script.
+             Additionally, more variables beyond perl were added to the
+             blacklist and comments were added to the variables.
+
+diff -Naur sudo-1.6.8p12.orig/env.c sudo-1.6.8p12/env.c
+--- sudo-1.6.8p12.orig/env.c	2005-11-08 18:21:33.000000000 +0000
++++ sudo-1.6.8p12/env.c	2006-01-18 00:35:17.000000000 +0000
+@@ -118,18 +118,31 @@
+     "USR_ACE",
+     "DLC_ACE",
+ #endif /* HAVE_SECURID */
+-    "TERMINFO",
+-    "TERMINFO_DIRS",
+-    "TERMPATH",
++    "TERMINFO",			/* terminfo, exclusive path to terminfo files */
++    "TERMINFO_DIRS",		/* terminfo, path(s) to terminfo files */
++    "TERMPATH",			/* termcap, path(s) to termcap files */
+     "TERMCAP",			/* XXX - only if it starts with '/' */
+-    "ENV",
+-    "BASH_ENV",
+-    "PS4",
+-    "SHELLOPTS",
+-    "JAVA_TOOL_OPTIONS",
+-    "PERLLIB",
+-    "PERL5LIB",
+-    "PERL5OPT",
++    "ENV",			/* ksh, file to source before script runs */
++    "BASH_ENV",			/* bash, file to source before script runs */
++    "PS4",			/* bash, prefix for lines in xtrace mode */
++    "GLOBIGNORE",		/* bash, globbing patterns to ignore */
++    "SHELLOPTS",		/* bash, extra command line options */
++    "JAVA_TOOL_OPTIONS",	/* java, extra command line options */
++    "PERLIO_DEBUG ",		/* perl, debugging output file */
++    "PERLLIB",			/* perl, search path for modules/includes */
++    "PERL5LIB",			/* perl 5, search path for modules/includes */
++    "PERL5OPT",			/* perl 5, extra command line options */
++    "PERL5DB",			/* perl 5, command used to load debugger */
++    "FPATH",			/* ksh, search path for functions */
++    "NULLCMD",			/* zsh, command for null file redirection */
++    "READNULLCMD",		/* zsh, command for null file redirection */
++    "ZDOTDIR",			/* zsh, search path for dot files */
++    "TMPPREFIX",		/* zsh, prefix for temporary files */
++    "PYTHONHOME",		/* python, module search path */
++    "PYTHONPATH",		/* python, search path */
++    "PYTHONINSPEC",		/* python, allow inspection */
++    "RUBYLIB",			/* ruby, library load path */
++    "RUBYOPT",			/* ruby, extra command line options */
+     NULL
+ };
+ 




More information about the patches mailing list