|
Message-ID: <CAN_LGv1TvwzDnsOSrEos7zuKbsqEsZHB5ahnONK-63CotmUKkA@mail.gmail.com> Date: Wed, 25 Jan 2017 01:20:49 +0500 From: "Alexander E. Patrakov" <patrakov@...il.com> To: oss-security@...ts.openwall.com Subject: Re: Headsup: systemd v228 local root exploit (CVE-2016-10156) 2017-01-24 13:55 GMT+05:00 Sebastian Krahmer <krahmer@...e.com>: > Hi > > This is a heads up for a trivial systemd local root exploit, that > was silently fixed in the upstream git as: > > commit 06eeacb6fe029804f296b065b3ce91e796e1cd0e > Author: .... > Date: Fri Jan 29 23:36:08 2016 +0200 > > basic: fix touch() creating files with 07777 mode That's important for users of Arch Linux and other rolling distributions. If the system has booted the vulnerable version of systemd at least once, then the files with dangerous permissions will be there. There is no code in systemd that fixes permissions on already existing stamp files. There is no postinstall script in Arch that does it, either. So, you have to fix permissions to 0644 or remove the stamp files manually, once, even though the commit appeared in Arch repositories long time ago. -- Alexander E. Patrakov
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.