Bug #3216

Bad rc.local file permissions

Added by Stefano Fancello about 6 years ago. Updated about 6 years ago.

Status: CLOSED
Start date:
Priority: Urgent
Due date:
Assignee: -
% Done: 100%
Category: nethserver-base
Target version: v6.6
Security class: moderate
Resolution:
Affected version: v6.6-final
NEEDINFO: No

Description

/etc/rc.d/rc.local has strange and wrong permissions:
--wxrw--wt. 1 root root 761 Jul 8 12:44 /etc/rc.d/rc.local
This is because the template metadata has PERMS=755 instead of PERMS=0755.
Every local user is able to write into this file, which is executed at reboot.

The need for a reboot to exploit this vulnerability mitigates the impact.
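
The following is an added example, not part of the original report or of the NethServer code. It shows why a missing leading zero produces the listing above, assuming the value without the zero is taken as a decimal integer (decimal 755 is octal 1363), and adds a check that flags such a mode on a boot script. The function names are hypothetical.

```python
import os
import stat


def mode_from_perms(value, octal):
    """Convert a PERMS-style string to mode bits.

    octal=False models the assumption that a value without a leading
    zero is taken as a decimal integer, which reproduces the listing
    in the report: decimal 755 == octal 1363.
    """
    return int(value, 8 if octal else 10)


def ls_string(mode):
    """Render mode bits the way `ls -l` shows them for a regular file."""
    return stat.filemode(stat.S_IFREG | (mode & 0o7777))


def findings(mode, expected=0o755):
    """List the ways `mode` is weaker or odder than `expected`."""
    out = []
    if mode & stat.S_IWOTH:
        out.append("world-writable")
    if mode & stat.S_IWGRP:
        out.append("group-writable")
    if mode & (stat.S_ISUID | stat.S_ISGID | stat.S_ISVTX):
        out.append("setuid/setgid/sticky bit set")
    if (mode & 0o7777) != expected and not out:
        out.append("differs from expected %04o" % expected)
    return out


def audit_path(path, expected=0o755):
    """Stat a file and report its mode, owner uid and findings."""
    st = os.stat(path)
    mode = stat.S_IMODE(st.st_mode)
    return {"path": path, "mode": "%04o" % mode, "ls": ls_string(mode),
            "uid": st.st_uid, "findings": findings(mode, expected)}


if __name__ == "__main__":
    for text, octal in (("755", False), ("0755", True)):
        m = mode_from_perms(text, octal)
        print("PERMS=%-5s -> %04o %s %s" % (text, m, ls_string(m), findings(m)))
    target = "/etc/rc.d/rc.local"  # path taken from the report
    if os.path.exists(target):
        print(audit_path(target))
```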

Associated revisions

Revision 9d849836
Added by Stefano Fancello about 6 years ago

Fix rc.local permissions. Refs #3216

Revision 986a6bf7
Added by Stefano Fancello about 6 years ago

Fix rc.local permissions. Refs #3216

History

#1 Updated by Stefano Fancello about 6 years ago

  • Subject changed from Wrong permssions error allows privilege escalation to Bad permssions error allows privilege escalation

#2 Updated by Stefano Fancello about 6 years ago

  • Subject changed from Bad permssions error allows privilege escalation to Bad rc.local file permissions

#3 Updated by Davide Principi about 6 years ago

  • Status changed from NEW to TRIAGED
  • Target version set to v6.6
  • % Done changed from 0 to 20
  • Affected version set to v6.6-final

#4 Updated by Davide Principi about 6 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Davide Principi
  • % Done changed from 20 to 30

#5 Updated by Davide Principi about 6 years ago

  • Status changed from ON_DEV to MODIFIED
  • Assignee deleted (Davide Principi)
  • % Done changed from 30 to 60

Applied Stefano's patch

#6 Updated by Davide Principi about 6 years ago

  • Status changed from MODIFIED to ON_QA
  • % Done changed from 60 to 70

In nethserver-testing:
nethserver-base-2.7.2-1.1.g9d84983.ns6.noarch.rpm

#7 Updated by Stefano Fancello about 6 years ago

  • Status changed from ON_QA to VERIFIED
  • % Done changed from 70 to 90

#8 Updated by Davide Principi about 6 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100

In nethserver-updates:
nethserver-base-2.7.3-1.ns6.noarch.rpm

#9 Updated by Davide Principi about 6 years ago

  • Private changed from Yes to No
