Tree - rpms/qemu - CentOS Git server

render / rpms / qemu

Forked from rpms/qemu 9 months ago

Source
Stats

Blame qemu-CVE-2011-2527.patch

Blob History Raw

		2dedc0	`commit cc4662f9642995c78bed587707eeb9ad8500035b`
		2dedc0	`Author: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>`
		2dedc0	`Date: Sat Jul 9 10:22:07 2011 +0100`
		2dedc0
		2dedc0	`os-posix: set groups properly for -runas`
		2dedc0
		2dedc0	`Andrew Griffiths reports that -runas does not set supplementary group`
		2dedc0	`IDs. This means that gid 0 (root) is not dropped when switching to an`
		2dedc0	`unprivileged user.`
		2dedc0
		2dedc0	`Add an initgroups(3) call to use the -runas user's /etc/groups`
		2dedc0	`membership to update the supplementary group IDs.`
		2dedc0
		2dedc0	`Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>`
		2dedc0	`Acked-by: Chris Wright <chrisw@sous-sol.org>`
		2dedc0	`Signed-off-by: Blue Swirl <blauwirbel@gmail.com>`
		2dedc0
		2dedc0	`diff --git a/os-posix.c b/os-posix.c`
		2dedc0	`index 7dfb278..6f8d488 100644`
		2dedc0	`--- a/os-posix.c`
		2dedc0	`+++ b/os-posix.c`
		2dedc0	`@@ -31,6 +31,7 @@`
		2dedc0	`/needed for MAP_POPULATE before including qemu-options.h /`
		2dedc0	`#include <sys/mman.h>`
		2dedc0	`#include <pwd.h>`
		2dedc0	`+#include <grp.h>`
		2dedc0	`#include <libgen.h>`
		2dedc0
		2dedc0	`/* Needed early for CONFIG_BSD etc. */`
		2dedc0	`@@ -199,6 +200,11 @@ static void change_process_uid(void)`
		2dedc0	`fprintf(stderr, "Failed to setgid(%d)\n", user_pwd->pw_gid);`
		2dedc0	`exit(1);`
		2dedc0	`}`
		2dedc0	`+ if (initgroups(user_pwd->pw_name, user_pwd->pw_gid) < 0) {`
		2dedc0	`+ fprintf(stderr, "Failed to initgroups(\"%s\", %d)\n",`
		2dedc0	`+ user_pwd->pw_name, user_pwd->pw_gid);`
		2dedc0	`+ exit(1);`
		2dedc0	`+ }`
		2dedc0	`if (setuid(user_pwd->pw_uid) < 0) {`
		2dedc0	`fprintf(stderr, "Failed to setuid(%d)\n", user_pwd->pw_uid);`
		2dedc0	`exit(1);`

render / rpms / qemu

Source Code

Blame qemu-CVE-2011-2527.patch