
[Commits] r23568 - in /fsf/trunk/libc: ./ login/ manual/ sysdeps/unix/ sysdeps/unix/sysv/linux/



Author: eglibc
Date: Mon Jul 22 00:02:04 2013
New Revision: 23568

Log:
Import glibc-mainline for 2013-07-22

Modified:
    fsf/trunk/libc/ChangeLog
    fsf/trunk/libc/INSTALL
    fsf/trunk/libc/NEWS
    fsf/trunk/libc/config.h.in
    fsf/trunk/libc/config.make.in
    fsf/trunk/libc/configure
    fsf/trunk/libc/configure.in
    fsf/trunk/libc/login/Makefile
    fsf/trunk/libc/manual/install.texi
    fsf/trunk/libc/sysdeps/unix/grantpt.c
    fsf/trunk/libc/sysdeps/unix/sysv/linux/grantpt.c

Modified: fsf/trunk/libc/ChangeLog
==============================================================================
--- fsf/trunk/libc/ChangeLog (original)
+++ fsf/trunk/libc/ChangeLog Mon Jul 22 00:02:04 2013
@@ -1,3 +1,24 @@
+2013-07-21  Siddhesh Poyarekar  <siddhesh@xxxxxxxxxx>
+	    Andreas Schwab  <schwab@xxxxxxx>
+	    Roland McGrath  <roland@xxxxxxxxxxxxx>
+	    Joseph Myers  <joseph@xxxxxxxxxxxxxxxx>
+	    Carlos O'Donell  <carlos@xxxxxxxxxx>
+
+	[BZ #15755]
+	* config.h.in: Define HAVE_PT_CHOWN.
+	* config.make.in (build-pt-chown): New variable.
+	* configure.in (--enable-pt_chown): New configure option.
+	* configure: Regenerate.
+	* login/Makefile: Include Makeconfig.  Build pt_chown only if
+	build-pt-chown is enabled.
+	* sysdeps/unix/grantpt.c (grantpt) [HAVE_PT_CHOWN]: Spawn
+	pt_chown to fix pty ownership.
+	* sysdeps/unix/sysv/linux/grantpt.c [HAVE_PT_CHOWN]: Define
+	CLOSE_ALL_FDS.
+	* manual/install.texi (Configuring and compiling): Mention
+	--enable-pt_chown. Add @findex for grantpt.
+	* INSTALL: Regenerate.
+
 2013-07-20  David S. Miller  <davem@xxxxxxxxxxxxx>
 
 	* sysdeps/sparc/fpu/libm-test-ulps: Update ULPs to handle minor

Modified: fsf/trunk/libc/INSTALL
==============================================================================
--- fsf/trunk/libc/INSTALL (original)
+++ fsf/trunk/libc/INSTALL Mon Jul 22 00:02:04 2013
@@ -135,6 +135,18 @@
 
 `--enable-lock-elision=yes'
      Enable lock elision for pthread mutexes by default.
+
+`--enable-pt_chown'
+     The file `pt_chown' is a helper binary for `grantpt' (*note
+     Pseudo-Terminals: Allocation.) that is installed setuid root to
+     fix up pseudo-terminal ownership.  It is not built by default
+     because systems using the Linux kernel are commonly built with the
+     `devpts' filesystem enabled and mounted at `/dev/pts', which
+     manages pseudo-terminal ownership automatically.  By using
+     `--enable-pt_chown', you may build `pt_chown' and install it
+     setuid and owned by `root'.  The use of `pt_chown' introduces
+     additional security risks to the system and you should enable it
+     only if you understand and accept those risks.
 
 `--build=BUILD-SYSTEM'
 `--host=HOST-SYSTEM'

Modified: fsf/trunk/libc/NEWS
==============================================================================
--- fsf/trunk/libc/NEWS (original)
+++ fsf/trunk/libc/NEWS Mon Jul 22 00:02:04 2013
@@ -21,7 +21,14 @@
   15395, 15405, 15406, 15409, 15416, 15418, 15419, 15423, 15424, 15426,
   15429, 15431, 15432, 15441, 15442, 15448, 15465, 15480, 15485, 15488,
   15490, 15492, 15493, 15497, 15506, 15529, 15536, 15553, 15577, 15583,
-  15618, 15627, 15631, 15654, 15655, 15666, 15667, 15674, 15711.
+  15618, 15627, 15631, 15654, 15655, 15666, 15667, 15674, 15711, 15755.
+
+* CVE-2013-2207 Incorrectly granting access to another user's pseudo-terminal
+  has been fixed by disabling the use of pt_chown (Bugzilla #15755).
+  Distributions can re-enable building and using pt_chown via the new configure
+  option `--enable-pt_chown'.  Enabling the use of pt_chown carries with it
+  considerable security risks and should only be used if the distribution
+  understands and accepts the risks.
 
 * CVE-2013-0242 Buffer overrun in regexp matcher has been fixed (Bugzilla
   #15078).

Modified: fsf/trunk/libc/config.h.in
==============================================================================
--- fsf/trunk/libc/config.h.in (original)
+++ fsf/trunk/libc/config.h.in Mon Jul 22 00:02:04 2013
@@ -238,4 +238,7 @@
 /* The ARM hard-float ABI is being used.  */
 #undef HAVE_ARM_PCS_VFP
 
-#endif
+/* The pt_chown binary is being built and used by grantpt.  */
+#undef HAVE_PT_CHOWN
+
+#endif

Modified: fsf/trunk/libc/config.make.in
==============================================================================
--- fsf/trunk/libc/config.make.in (original)
+++ fsf/trunk/libc/config.make.in Mon Jul 22 00:02:04 2013
@@ -95,6 +95,7 @@
 build-nscd = @build_nscd@
 use-nscd = @use_nscd@
 build-hardcoded-path-in-tests= @hardcoded_path_in_tests@
+build-pt-chown = @build_pt_chown@
 
 # Build tools.
 CC = @CC@

Modified: fsf/trunk/libc/configure
==============================================================================
--- fsf/trunk/libc/configure (original)
+++ fsf/trunk/libc/configure Mon Jul 22 00:02:04 2013
@@ -647,6 +647,7 @@
 base_machine
 add_on_subdirs
 add_ons
+build_pt_chown
 build_nscd
 link_obsolete_rpc
 libc_cv_nss_crypt
@@ -756,6 +757,7 @@
 enable_systemtap
 enable_build_nscd
 enable_nscd
+enable_pt_chown
 with_cpu
 '
       ac_precious_vars='build_alias
@@ -1421,6 +1423,7 @@
   --enable-systemtap      enable systemtap static probe points [default=no]
   --disable-build-nscd    disable building and installing the nscd daemon
   --disable-nscd          library functions will not contact the nscd daemon
+  --enable-pt_chown       Enable building and installing pt_chown
 
 Optional Packages:
   --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
@@ -3710,6 +3713,19 @@
   use_nscd=yes
 fi
 
+
+# Check whether --enable-pt_chown was given.
+if test "${enable_pt_chown+set}" = set; then :
+  enableval=$enable_pt_chown; build_pt_chown=$enableval
+else
+  build_pt_chown=no
+fi
+
+
+if test $build_pt_chown = yes; then
+  $as_echo "#define HAVE_PT_CHOWN 1" >>confdefs.h
+
+fi
 
 # The way shlib-versions is used to generate soversions.mk uses a
 # fairly simplistic model for name recognition that can't distinguish

Modified: fsf/trunk/libc/configure.in
==============================================================================
--- fsf/trunk/libc/configure.in (original)
+++ fsf/trunk/libc/configure.in Mon Jul 22 00:02:04 2013
@@ -352,6 +352,16 @@
 	       [library functions will not contact the nscd daemon])],
 	      [use_nscd=$enableval],
 	      [use_nscd=yes])
+
+AC_ARG_ENABLE([pt_chown],
+	      [AS_HELP_STRING([--enable-pt_chown],
+	       [Enable building and installing pt_chown])],
+	      [build_pt_chown=$enableval],
+	      [build_pt_chown=no])
+AC_SUBST(build_pt_chown)
+if test $build_pt_chown = yes; then
+  AC_DEFINE(HAVE_PT_CHOWN)
+fi
 
 # The way shlib-versions is used to generate soversions.mk uses a
 # fairly simplistic model for name recognition that can't distinguish
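Review bot: The added `if test $build_pt_chown = yes; then` expands the variable unquoted, so an empty value (`--enable-pt_chown=`) makes `test` print an operator error instead of comparing cleanly; `if test "x$build_pt_chown" = xyes; then` avoids that. Any value other than the exact string `yes` leaves HAVE_PT_CHOWN undefined, which is the safe direction for a setuid helper, but a packager who passes something like `--enable-pt_chown=true` gets no indication that the option was ignored. Rejecting values other than `yes`/`no` with `AC_MSG_ERROR` would make an intended opt-in visible. The same line appears in the regenerated `configure` and would follow from regenerating it.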

Modified: fsf/trunk/libc/login/Makefile
==============================================================================
--- fsf/trunk/libc/login/Makefile (original)
+++ fsf/trunk/libc/login/Makefile Mon Jul 22 00:02:04 2013
@@ -30,9 +30,15 @@
 
 CFLAGS-grantpt.c = -DLIBEXECDIR='"$(libexecdir)"'
 
-others = utmpdump pt_chown
+others = utmpdump
+
+include ../Makeconfig
+
+ifeq (yes,$(build-pt-chown))
+others += pt_chown
 others-pie = pt_chown
 install-others-programs = $(inst_libexecdir)/pt_chown
+endif
 
 subdir-dirs = programs
 vpath %.c programs
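Review bot: With `build-pt-chown` not set to `yes`, `pt_chown` drops out of `others` and `install-others-programs`, but nothing in this hunk removes a `pt_chown` that an earlier install left in `$(inst_libexecdir)`. Such a leftover would remain setuid root on an upgraded system even though grantpt no longer spawns it. A comment above the `ifeq` would tell packagers this, for example `# pt_chown is installed setuid root only with --enable-pt_chown; a copy left by an earlier install is not removed here and must be deleted by the packager.` The mid-file `include ../Makeconfig` also deserves a one-line comment saying it is needed so that `build-pt-chown` is defined before the `ifeq` (presumably via config.make).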

Modified: fsf/trunk/libc/manual/install.texi
==============================================================================
--- fsf/trunk/libc/manual/install.texi (original)
+++ fsf/trunk/libc/manual/install.texi Mon Jul 22 00:02:04 2013
@@ -162,6 +162,20 @@
 
 @item --enable-lock-elision=yes
 Enable lock elision for pthread mutexes by default.
+
+@pindex pt_chown
+@findex grantpt
+@item --enable-pt_chown
+The file @file{pt_chown} is a helper binary for @code{grantpt}
+(@pxref{Allocation, Pseudo-Terminals}) that is installed setuid root to
+fix up pseudo-terminal ownership.  It is not built by default because
+systems using the Linux kernel are commonly built with the @code{devpts}
+filesystem enabled and mounted at @file{/dev/pts}, which manages
+pseudo-terminal ownership automatically.  By using
+@samp{--enable-pt_chown}, you may build @file{pt_chown} and install it
+setuid and owned by @code{root}.  The use of @file{pt_chown} introduces
+additional security risks to the system and you should enable it only if
+you understand and accept those risks.
 
 @item --build=@var{build-system}
 @itemx --host=@var{host-system}

Modified: fsf/trunk/libc/sysdeps/unix/grantpt.c
==============================================================================
--- fsf/trunk/libc/sysdeps/unix/grantpt.c (original)
+++ fsf/trunk/libc/sysdeps/unix/grantpt.c Mon Jul 22 00:02:04 2013
@@ -173,9 +173,10 @@
   retval = 0;
   goto cleanup;
 
-  /* We have to use the helper program.  */
+  /* We have to use the helper program if it is available.  */
  helper:;
 
+#ifdef HAVE_PT_CHOWN
   pid_t pid = __fork ();
   if (pid == -1)
     goto cleanup;
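Review bot: With HAVE_PT_CHOWN undefined, the `helper:` label now falls straight through to `cleanup:`, so what the caller sees depends on `retval` and `errno` as left by code before this hunk, which is not visible here. A comment at the `#ifdef` would make the intended result explicit, for example `/* Without pt_chown there is no fallback; the earlier failure is returned to the caller unchanged.  */`. The guard spans three hunks and closes with a bare `#endif` in the last one; `#endif /* HAVE_PT_CHOWN */` would be easier to follow over that distance. grantpt's body starts and ends outside the hunk.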
@@ -190,9 +191,9 @@
 	if (__dup2 (fd, PTY_FILENO) < 0)
 	  _exit (FAIL_EBADF);
 
-#ifdef CLOSE_ALL_FDS
+# ifdef CLOSE_ALL_FDS
       CLOSE_ALL_FDS ();
-#endif
+# endif
 
       execle (_PATH_PT_CHOWN, basename (_PATH_PT_CHOWN), NULL, NULL);
       _exit (FAIL_EXEC);
@@ -231,6 +232,7 @@
 	    assert(! "getpt: internal error: invalid exit code from pt_chown");
 	  }
     }
+#endif
 
  cleanup:
   if (buf != _buf)

Modified: fsf/trunk/libc/sysdeps/unix/sysv/linux/grantpt.c
==============================================================================
--- fsf/trunk/libc/sysdeps/unix/sysv/linux/grantpt.c (original)
+++ fsf/trunk/libc/sysdeps/unix/sysv/linux/grantpt.c Mon Jul 22 00:02:04 2013
@@ -11,7 +11,7 @@
 
 #include "pty-private.h"
 
-
+#if HAVE_PT_CHOWN
 /* Close all file descriptors except the one specified.  */
 static void
 close_all_fds (void)
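Review bot: This file tests the macro with `#if HAVE_PT_CHOWN` while sysdeps/unix/grantpt.c uses `#ifdef HAVE_PT_CHOWN`. The two agree for the `#define HAVE_PT_CHOWN 1` that configure emits, but a definition to 0 would compile the helper spawn there without `CLOSE_ALL_FDS` here, leaving inherited descriptors open across the exec of the setuid helper. Using `#ifdef HAVE_PT_CHOWN` in this file, and `#endif /* HAVE_PT_CHOWN */` in the second hunk, keeps the two guards in step. close_all_fds continues outside the hunk.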
@@ -38,6 +38,7 @@
       __dup2 (STDOUT_FILENO, STDERR_FILENO);
     }
 }
-#define CLOSE_ALL_FDS() close_all_fds()
+# define CLOSE_ALL_FDS() close_all_fds()
+#endif
 
 #include <sysdeps/unix/grantpt.c>
