[lxc-devel] [lxc/master] security: fix too wide or inconsistent non-owner permissions

2xsec on Github lxc-bot at linuxcontainers.org
Wed Sep 19 05:32:02 UTC 2018


A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 483 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20180919/bd960b27/attachment.bin>
-------------- next part --------------
From e581b9b5f246d28325a9993b5974cdbc5cc0933e Mon Sep 17 00:00:00 2001
From: 2xsec <dh48.jeong at samsung.com>
Date: Wed, 19 Sep 2018 14:30:12 +0900
Subject: [PATCH] security: fix too wide or inconsistent non-owner permissions

Signed-off-by: 2xsec <dh48.jeong at samsung.com>
---
 src/lxc/conf.c              | 8 ++++----
 src/lxc/lxccontainer.c      | 4 ++--
 src/lxc/tools/lxc_unshare.c | 4 ++--
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 52fc49c91..488f3dd42 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1778,10 +1778,10 @@ static int lxc_setup_dev_console(const struct lxc_rootfs *rootfs,
 		return -errno;
 	}
 
-	ret = fchmod(console->slave, S_IXUSR | S_IXGRP | S_IXOTH);
+	ret = fchmod(console->slave, S_IXUSR | S_IXGRP);
 	if (ret < 0) {
 		SYSERROR("Failed to set mode \"0%o\" to \"%s\"",
-			 S_IXUSR | S_IXGRP | S_IXOTH, console->name);
+			 S_IXUSR | S_IXGRP, console->name);
 		return -errno;
 	}
 
@@ -1848,10 +1848,10 @@ static int lxc_setup_ttydir_console(const struct lxc_rootfs *rootfs,
 		return -errno;
 	}
 
-	ret = fchmod(console->slave, S_IXUSR | S_IXGRP | S_IXOTH);
+	ret = fchmod(console->slave, S_IXUSR | S_IXGRP);
 	if (ret < 0) {
 		SYSERROR("Failed to set mode \"0%o\" to \"%s\"",
-			 S_IXUSR | S_IXGRP | S_IXOTH, console->name);
+			 S_IXUSR | S_IXGRP, console->name);
 		return -errno;
 	}
 
diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index 5574514cf..30b181b8c 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -2639,7 +2639,7 @@ static bool do_lxcapi_save_config(struct lxc_container *c, const char *alt_file)
 		return false;
 
 	fd = open(alt_file, O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC,
-		  S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
+		  S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
 	if (fd < 0)
 		goto on_error;
 
@@ -3841,7 +3841,7 @@ static struct lxc_container *do_lxcapi_clone(struct lxc_container *c, const char
 	}
 
 	fd = open(newpath, O_WRONLY | O_CREAT | O_CLOEXEC,
-		  S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
+		  S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
 	if (fd < 0) {
 		SYSERROR("Failed to open \"%s\"", newpath);
 		goto out;
diff --git a/src/lxc/tools/lxc_unshare.c b/src/lxc/tools/lxc_unshare.c
index 21cbc657d..a7458fa41 100644
--- a/src/lxc/tools/lxc_unshare.c
+++ b/src/lxc/tools/lxc_unshare.c
@@ -249,7 +249,7 @@ static void lxc_setup_fs(void)
 
 	/* if /dev has been populated by us, /dev/shm does not exist */
 	if (access("/dev/shm", F_OK))
-		(void)mkdir("/dev/shm", 0777);
+		(void)mkdir("/dev/shm", 0770);
 
 	/* if we can't mount /dev/shm, continue anyway */
 	(void)mount_fs("shmfs", "/dev/shm", "tmpfs");
@@ -257,7 +257,7 @@ static void lxc_setup_fs(void)
 	/* If we were able to mount /dev/shm, then /dev exists */
 	/* Sure, but it's read-only per config :) */
 	if (access("/dev/mqueue", F_OK))
-		(void)mkdir("/dev/mqueue", 0666);
+		(void)mkdir("/dev/mqueue", 0660);
 
 	/* continue even without posix message queue support */
 	(void)mount_fs("mqueue", "/dev/mqueue", "mqueue");


More information about the lxc-devel mailing list