Control: tags -1 + patch On Wed, 13 Mar 2019 08:54:26 +0800 Paul Wise wrote:
> Then the code will simply check for -- in $2 and $3 instead of checking > for the number of arguments and bundle the remaining arguments into the > core file name. I've attached the updated dump script and patch, please review it. -- bye, pabs https://wiki.debian.org/PaulWise
From a34f3e9892d0b5ac07c3c8198c69877844e62fac Mon Sep 17 00:00:00 2001 From: Paul Wise <p...@debian.org> Date: Wed, 13 Mar 2019 14:15:00 +0800 Subject: [PATCH 2/3] Handle older versions of the Linux kernel in a safer way Fixes: https://bugs.debian.org/924398 --- debian/changelog | 2 ++ debian/dump | 34 +++++++++++------------------ debian/sysctl-linux/corekeeper.conf | 2 +- 3 files changed, 16 insertions(+), 22 deletions(-) diff --git a/debian/changelog b/debian/changelog index 8916e17..c86672b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,6 +2,8 @@ corekeeper (1.7) UNRELEASED; urgency=medium * Do not use a world-writable /var/crash with the dumper script (Closes: #924397) + * Handle older versions of the Linux kernel in a safer way + (Closes: #924398) -- Paul Wise <p...@debian.org> Wed, 13 Mar 2019 14:09:50 +0800 diff --git a/debian/dump b/debian/dump index e8fc3fd..4122d48 100644 --- a/debian/dump +++ b/debian/dump @@ -29,30 +29,22 @@ if [ "$(id -u)" != "0" ]; then fi # Check how many arguments the kernel sent us. -if [ $# -eq 2 ] ; then - # Awww, old kernel that does not support %d - # Cannot set the core file owner safely, use root - # See v3.6-6800-g12a2b4b in linux.git for more info - uid="$1" - core="$2" +uid="$1" ; shift +if [ "$1" = -- ] || [ "$1" -ne 1 ] ; then + # Either old kernel that does not support %d + # (see v3.6-6800-g12a2b4b in linux.git for more info) + # or a process that was not set as dumpable + # cannot set the core file owner safely, use root owner="0" -elif [ $# -eq 3 ] ; then - # Yay! A kernel that does support %d - uid="$2" - core="$3" - owner="$2" - # Set the core file owner safely - if [ $1 -eq 2 ] ; then - owner="0" - fi -else - # Something is majorly broken. - echo "This script should be run with three arguments and a core file on stdin" 1>&2 - exit 1 fi +shift +if [ "$1" = -- ] ; then + shift +fi +core="$*" -# The exclamation marks are shell metacharacters -core="$(echo "$core" | tr '!' '-')" +# These are shell metacharacters +core="$(printf '%s' "$core" | tr '! ' '-')" umask 0077 mkdir -p "/var/crash/$owner" chown "$owner" "/var/crash/$owner" diff --git a/debian/sysctl-linux/corekeeper.conf b/debian/sysctl-linux/corekeeper.conf index 66bebb4..4332bd1 100644 --- a/debian/sysctl-linux/corekeeper.conf +++ b/debian/sysctl-linux/corekeeper.conf @@ -9,6 +9,6 @@ #kernel.core_pattern = /var/crash/%p-%u-%g-%s-%t-%h-%E.core # When switching back to the default core pattern use mode 0755 for /var/crash # as it is unsafe to use the dumper with a world-writable directory. -kernel.core_pattern = |/usr/lib/corekeeper/dump %d %u %p-%u-%g-%s-%t-%h-%E.core +kernel.core_pattern = |/usr/lib/corekeeper/dump %u %d -- %p-%u-%g-%s-%t-%h-%E.core kernel.core_uses_pid = 1 fs.suid_dumpable = 2 -- 2.20.1
dump
Description: application/shellscript
signature.asc
Description: This is a digitally signed message part
