Show 1.4.1 - Change Log differences form selected versions
file info- category(Tag)
- root
- file name
- ccs-patch_1.4.1_-_Changes
- last update
- 2007-06-05 14:55
- type
- Plain Text
- editor
- Tetsuo Handa
- description
- 1.4.1 - Change Log
- language
- English
- translate
--- /tmp/DOCMAN2ATQSUY 2013-05-18 21:12:47.000000000 +0900
+++ /tmp/DOCMAN2UQKc77 2013-05-18 21:12:47.000000000 +0900
@@ -1 +1,61 @@
+ @ Change argv[0] checking rule.
+
+ I was comparing the basename of symbolic link's pathname and argv[0].
+ Since execute permission check and domain transition are done
+ based on realpath while argv[0] check is done based on the symlink's
+ pathname and argv[0], this specification will allow attackers behave
+ as /bin/cat in the domain of /bin/ls if "/bin/ls and /bin/cat are
+ links to /sbin/busybox" and "the attacker is permitted to create
+ a symlink named ~/cat that points to /bin/ls" and "the attacker is
+ permitted to run /bin/ls".
+ So, I changed to compare the basename of realpath and argv[0].
+ Also, I moved the location to compare before processing
+ "aggregator" directive so that
+ "aggregator /tmp/logrotate.\?\?\?\?\?\? /tmp/logrotate.tmp"
+ won't cause the mismatch of the basename of realpath and argv[0].
+
+ If /bin/ls is a symlink to /sbin/busybox, then
+ creating a symlink named ~/cat that points to /bin/ls and
+ executing ~/cat won't work as expected because permission check and
+ domain transition are done using /sbin/busybox (realpath of /bin/ls)
+ and will be rejected since the administrator won't grant
+ "1 /sbin/busybox".
+
+Fix 2007/05/07
+
+ @ Support pathname subtraction.
+
+ There was no way to exclude specific pathnames when granting
+ permissions using wildcards.
+ There would be a need to exclude specific files and directories.
+ I introduced "\-" as subtraction operator.
+
+ "A\-B" means "A" other than "B".
+ "A\-B\-C" means "A" other than "B" and "C".
+ "A\-B\-C\-D" means "A" other than "B" and "C" and "D".
+
+ "A", "B", "C", "D" may contain wildcards.
+
+ An example usage is "/home/\*/\*\-.ssh/\*", which means
+ "/home/\*/\*/\*" other than "/home/\*/.ssh/\*".
+
+ "A" should contain wildcards because subtraction from constants
+ (e.g. "/usr\-usr/" or "/usr\-home/") is meaningless.
+
+ Don't try "A\-B\+C" because "\+" is not addition operator.
+
+Fix 2007/05/24
+
+ @ Fix autobind hook.
+
+ The location to call SAKURA_MayAutobind() in net/ipv4/udp.c
+ and net/ipv6/udp.c were wrong.
+
+Fix 2007/06/03
+
+ @ Add a space in MakeMountOptions().
+
+ I forgot to add a space after "atime" and "noatime".
+
+Version 1.4.1 2007/06/05 Minor update release.
| 
|
TOMOYO