]> xenbits.xensource.com Git - qemu-upstream-4.2-testing.git/commit
projects / qemu-upstream-4.2-testing.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9af2b71) | patch
qga: set umask 0077 when daemonizing (CVE-2013-2007)
authorLaszlo Ersek <lersek@redhat.com>
Tue, 1 Oct 2013 15:20:40 +0000 (15:20 +0000)
committerStefano Stabellini <stefano.stabellini@eu.citrix.com>
Tue, 1 Oct 2013 15:39:12 +0000 (15:39 +0000)
commit3389f492465406e48914ee88d6e990dcf4629682
tree8323de94c1b7471280aa1b84ad1b58d34ec1784etree
parent9af2b71301bd70c30c2bd21a084a6db85195fff5commit | diff
qga: set umask 0077 when daemonizing (CVE-2013-2007)

The qemu guest agent creates a bunch of files with insecure permissions
when started in daemon mode. For example:

  -rw-rw-rw- 1 root root /var/log/qemu-ga.log
  -rw-rw-rw- 1 root root /var/run/qga.state
  -rw-rw-rw- 1 root root /var/log/qga-fsfreeze-hook.log

In addition, at least all files created with the "guest-file-open" QMP
command, and all files created with shell output redirection (or
otherwise) by utilities invoked by the fsfreeze hook script are affected.

For now mask all file mode bits for "group" and "others" in
become_daemon().

Temporarily, for compatibility reasons, stick with the 0666 file-mode in
case of files newly created by the "guest-file-open" QMP call. Do so
without changing the umask temporarily.

upstream-commit-id: c689b4f1bac352dcfd6ecb9a1d45337de0f1de67

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
qemu-ga.c diff | blob | history
qga/guest-agent-commands.c diff | blob | history
Obsolete Upstream Qemu based repository for xen-unstable