This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [PATCH] BZ #15755: CVE-2013-2207: pt_chown tricked into granting access to another users pseudo-terminal


On 08/25/2013 04:02 PM, Mike Frysinger wrote:
> On Sunday 25 August 2013 03:42:25 Mike Frysinger wrote:
>> On Friday 19 July 2013 01:55:13 Carlos O'Donell wrote:
>>> --- a/configure.in
>>> +++ b/configure.in
>>> @@ -353,6 +353,16 @@ AC_ARG_ENABLE([nscd],
>>>
>>>  	      [use_nscd=$enableval],
>>>  	      [use_nscd=yes])
>>>
>>> +AC_ARG_ENABLE([pt_chown],
>>> +	      [AS_HELP_STRING([--enable-pt_chown],
>>> +	       [Enable building and installing pt_chown])],
>>> +	      [build_pt_chown=$enableval],
>>> +	      [build_pt_chown=no])
>>> +AC_SUBST(build_pt_chown)
>>> +if test $build_pt_chown = yes; then
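
Review bot: the action [build_pt_chown=$enableval] stores whatever string follows --enable-pt_chown= without checking it, and the last line of the hunk then expands it unquoted in "test $build_pt_chown = yes", so a value containing spaces changes the argument list that test receives. Quote the expansion (test "$build_pt_chown" = yes) and consider rejecting anything other than yes or no with AC_MSG_ERROR, since this switch decides whether pt_chown is built and installed.
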
>>
>> the var expansion is missing quoting.  since it comes directly from the
>> user, you could trigger bad behavior:
>> 	./configure --enable-pt_chown='foo bar it'
> 
> committed as obvious
> -mike
> 
> From 814b95406550ee01c02c79ca40e8e8f7f1635d42 Mon Sep 17 00:00:00 2001
> From: Mike Frysinger <vapier@gentoo.org>
> Date: Sun, 25 Aug 2013 16:01:52 -0400
> Subject: [PATCH] configure: add missing quotes in $build_pt_chown test
> 
> Signed-off-by: Mike Frysinger <vapier@gentoo.org>

Thanks for catching this and fixing it.

Cheers,
Carlos.
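
The quoting issue discussed in this thread, as an added example that is not part of the original messages or of glibc's configure script. The variable name build_pt_chown and the value 'foo bar it' come from the thread; the function names classify, check_unquoted and check_quoted are hypothetical helpers written for this illustration.

```shell
#!/bin/sh
# Added illustration: build_pt_chown is the variable from the patch; the
# function names and sample values below are constructed for this example.

# Map a `test` exit status to what configure would conclude.
classify() {
    case $1 in
        0) echo yes ;;      # condition true: pt_chown would be built
        1) echo no ;;       # condition false: pt_chown is skipped
        *) echo error ;;    # test could not parse its arguments
    esac
}

# Unquoted form, as in the original hunk: the value is word-split before
# `test` runs, so the number of arguments depends on user input.
check_unquoted() {
    build_pt_chown=$1
    status=0
    ( test $build_pt_chown = yes ) 2>/dev/null || status=$?
    classify "$status"
}

# Quoted form, matching the subject of the follow-up commit (its diff is
# not shown on the page): `test` always receives exactly three arguments.
check_quoted() {
    build_pt_chown=$1
    status=0
    ( test "$build_pt_chown" = yes ) 2>/dev/null || status=$?
    classify "$status"
}

# Compare both forms over constructed sample values.
for value in yes no 'foo bar it'; do
    printf '%-14s unquoted=%-6s quoted=%s\n' \
        "'$value'" "$(check_unquoted "$value")" "$(check_quoted "$value")"
done
```

With the quoted form, a malformed value is simply "not yes" and pt_chown stays disabled; with the unquoted form the outcome is decided by how `test` parses the user's words.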

