110 lines
3.7 KiB
Diff
110 lines
3.7 KiB
Diff
commit e8f8196230ae15f6f7d7104ded3e2633002506e4
|
|
Author: faxguy <faxguy@5505949e-d877-4686-9e03-c53b7a51b376>
|
|
Date: Sat Jun 13 23:46:33 2020 +0000
|
|
|
|
Johannes Segitz reported two issues:
|
|
|
|
1) faxaddmodem, faxsetup, and probemodem create temporary directories in a way that is not secure due to a race condition.
|
|
|
|
2) The HylaFAX spool directory bin and etc subdirectories are not secure against uucp deleting and recreating scripts that root runs.
|
|
|
|
These changes address these two issues.
|
|
|
|
|
|
|
|
git-svn-id: https://svn.code.sf.net/p/hylafax/HylaFAX+@2534 5505949e-d877-4686-9e03-c53b7a51b376
|
|
|
|
diff --git a/CONTRIBUTORS b/CONTRIBUTORS
|
|
index 057739f..a9d4f21 100644
|
|
--- a/CONTRIBUTORS
|
|
+++ b/CONTRIBUTORS
|
|
@@ -203,6 +203,7 @@ following for their contributions:
|
|
Travis Schafer LogSend and LogRecv modem config options, documentation fixes
|
|
Sven Schmidt
|
|
Steven Schoch faxrcvd faxinfo text parsing
|
|
+ Johannes Segitz code security audit
|
|
John Sellens
|
|
Chris Severance documentation fixes, scripting improvements
|
|
Simon <iahnl@iah.nl>
|
|
diff --git a/Makefile.in b/Makefile.in
|
|
index 1ee4d76..ec0cda7 100644
|
|
--- a/Makefile.in
|
|
+++ b/Makefile.in
|
|
@@ -208,7 +208,10 @@ makeServerDirs::
|
|
-idb hylafax.sw.server -root ${INSTALLROOT} -dir ${SPOOL}
|
|
-${INSTALL} -u ${FAXUSER} -g ${FAXGROUP} -m ${DIRMODE} \
|
|
-idb hylafax.sw.server -dir \
|
|
- -root ${INSTALLROOT} -F ${SPOOL} bin client config dev etc info log recvq status
|
|
+ -root ${INSTALLROOT} -F ${SPOOL} client config dev info log recvq status
|
|
+ -${INSTALL} -u root -g root -m ${DIRMODE} \
|
|
+ -idb hylafax.sw.server -dir \
|
|
+ -root ${INSTALLROOT} -F ${SPOOL} bin etc
|
|
-${INSTALL} -u ${FAXUSER} -g ${FAXGROUP} -m 700 \
|
|
-idb hylafax.sw.server -dir \
|
|
-root ${INSTALLROOT} -F ${SPOOL} sendq doneq docq tmp pollq archive
|
|
diff --git a/etc/faxaddmodem.sh.in b/etc/faxaddmodem.sh.in
|
|
index dc39917..c4d3ff1 100644
|
|
--- a/etc/faxaddmodem.sh.in
|
|
+++ b/etc/faxaddmodem.sh.in
|
|
@@ -113,12 +113,14 @@ if [ "$euid" != "root" ]; then
|
|
fi
|
|
|
|
# security
|
|
+o="`umask`"
|
|
+umask 077
|
|
TMPDIR=`(mktemp -d /tmp/.faxaddmodem.XXXXXX) 2>/dev/null`
|
|
+umask "$o"
|
|
if test X$TMPDIR = X; then
|
|
- TMPDIR=/tmp/.faxaddmodem$$
|
|
+ echo "Failed to create temporary directory. Cannot continue."
|
|
+ exit 1
|
|
fi
|
|
-@RM@ -rf $TMPDIR
|
|
-(umask 077 ; mkdir $TMPDIR) || exit 1
|
|
|
|
SH=$SCRIPT_SH # shell for use below
|
|
CPATH=$SPOOL/etc/config # prefix of configuration file
|
|
diff --git a/etc/faxsetup.sh.in b/etc/faxsetup.sh.in
|
|
index 556eef5..b4aae40 100644
|
|
--- a/etc/faxsetup.sh.in
|
|
+++ b/etc/faxsetup.sh.in
|
|
@@ -922,12 +922,14 @@ if onServer; then
|
|
#
|
|
|
|
# Setup TMPDIR before anything can trap and rm it
|
|
+ o="`umask`"
|
|
+ umask 077
|
|
TMPDIR=`(mktemp -d /tmp/.faxsetup.XXXXXX) 2>/dev/null`
|
|
+ umask "$o"
|
|
if test x$TMPDIR = x; then
|
|
- TMPDIR=/tmp/.faxsetup$$
|
|
+ echo "Failed to create temporary directory. Cannot continue."
|
|
+ exit 1
|
|
fi
|
|
- $RM -rf $TMPDIR
|
|
- (umask 077 ; mkdir $TMPDIR) || exit 1
|
|
|
|
JUNK="etc/setup.tmp"
|
|
trap "$RM \$JUNK; $RM -r \$TMPDIR; exit 1" 1 2 15
|
|
diff --git a/etc/probemodem.sh.in b/etc/probemodem.sh.in
|
|
index 55b5d9b..c0abf15 100644
|
|
--- a/etc/probemodem.sh.in
|
|
+++ b/etc/probemodem.sh.in
|
|
@@ -85,12 +85,14 @@ test -f $SPOOL/etc/setup.cache || {
|
|
. $SPOOL/etc/setup.cache # common configuration stuff
|
|
. $SPOOL/etc/setup.modem # modem-specific stuff
|
|
|
|
+o="`umask`"
|
|
+umask 077
|
|
TMPDIR=`(mktemp -d /tmp/.probemodem.XXXXXX) 2>/dev/null`
|
|
+umask "$o"
|
|
if test X$TMPDIR = X; then
|
|
- TMPDIR=/tmp/.probemodem$$
|
|
+ echo "Failed to create temporary directory. Cannot continue."
|
|
+ exit 1
|
|
fi
|
|
-@RM@ -fr $TMPDIR
|
|
-(umask 077 ; mkdir $TMPDIR) || exit 1
|
|
|
|
SH=$SCRIPT_SH # shell for use below
|
|
OUT=$TMPDIR/probemodem$$ # temp file in which modem output is recorded
|