×
Close
The permissions on this repository are being updated. This may take a while.
During this time, you or some of the project's contributors may not be able
to push to this repository.
Blame SOURCES/0183-abrtd-switch-owner-of-the-dump-location-to-root.patch
be3adfcbf59b8ca28054c7097c37e7dfd3ff20c9
30d571 From 57bc5697db222c96cb3adbee635f072abeeff6ad Mon Sep 17 00:00:00 200130d571 From: Jakub Filak <jfilak@redhat.com>30d571 Date: Wed, 30 Sep 2015 14:14:31 +020030d571 Subject: [PATCH] abrtd: switch owner of the dump location to 'root'30d571 30d571 Additional hardening suggested by Florian Weimer <fweimer@redhat.com>30d571 30d571 Related to CVE-2015-528730d571 Related: #126225230d571 30d571 Signed-off-by: Jakub Filak <jfilak@redhat.com>30d571 ---30d571 src/daemon/abrtd.c | 2 +-30d571 1 file changed, 1 insertion(+), 1 deletion(-)30d571 30d571 diff --git a/src/daemon/abrtd.c b/src/daemon/abrtd.c30d571 index b1252d2..b79e940 10064430d571 --- a/src/daemon/abrtd.c30d571 +++ b/src/daemon/abrtd.c30d571 @@ -164,7 +164,7 @@ static void sanitize_dump_dir_rights(void)30d571 * us with thousands of bogus or malicious dumps */30d571 /* 07000 bits are setuid, setgit, and sticky, and they must be unset */30d571 /* 00777 bits are usual "rwxrwxrwx" access rights */30d571 - ensure_writable_dir(g_settings_dump_location, 0755, "abrt");30d571 + ensure_writable_dir_group(g_settings_dump_location, 0751, "root", "abrt");30d571 /* temp dir */30d571 ensure_writable_dir(VAR_RUN"/abrt", 0755, "root");30d571 }30d571 -- 30d571 1.8.3.130d571
