]> xenbits.xensource.com Git - qemu-upstream-4.4-testing.git/commit
projects / qemu-upstream-4.4-testing.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6dc71da) | patch
qga: set umask 0077 when daemonizing (CVE-2013-2007)
authorLaszlo Ersek <lersek@redhat.com>
Tue, 1 Oct 2013 15:13:33 +0000 (15:13 +0000)
committerStefano Stabellini <stefano.stabellini@eu.citrix.com>
Tue, 1 Oct 2013 15:13:33 +0000 (15:13 +0000)
commit8a4bd762aa01b21c43aa24c5b743f4bd7c9db3e3
treece6ddb961fffe4441eb2f469b3620254bed9115dtree
parent6dc71da698bfdc5297f8719e78eba26b1f15ff2ccommit | diff
qga: set umask 0077 when daemonizing (CVE-2013-2007)

The qemu guest agent creates a bunch of files with insecure permissions
when started in daemon mode. For example:

  -rw-rw-rw- 1 root root /var/log/qemu-ga.log
  -rw-rw-rw- 1 root root /var/run/qga.state
  -rw-rw-rw- 1 root root /var/log/qga-fsfreeze-hook.log

In addition, at least all files created with the "guest-file-open" QMP
command, and all files created with shell output redirection (or
otherwise) by utilities invoked by the fsfreeze hook script are affected.

For now mask all file mode bits for "group" and "others" in
become_daemon().

Temporarily, for compatibility reasons, stick with the 0666 file-mode in
case of files newly created by the "guest-file-open" QMP call. Do so
without changing the umask temporarily.

upstream-commit-id: c689b4f1bac352dcfd6ecb9a1d45337de0f1de67

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
qemu-ga.c diff | blob | history
qga/commands-posix.c diff | blob | history
Obsolete Upstream Qemu based repository for xen-4.4-testing