pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/security/sudo Fix privilege-escalation vulnerability w...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/f9d5ec3d0a33
branches:  trunk
changeset: 530331:f9d5ec3d0a33
user:      tls <tls%pkgsrc.org@localhost>
date:      Mon Jun 25 09:53:42 2007 +0000

description:
Fix privilege-escalation vulnerability with PKG_OPTIONS.sudo=kerberos:
cleanse environment of variables that alter behavior of Kerberos library
so the user can't override the default keytab location, and do *not*
ignore missing keytab errors.  Prevents root compromise via spoofed KDC
on systems with Kerberos libraries but no host key in keytab, no keytab,
or keytab overidden via environment.

Don't insist that the keytab key be DES -- some Kerberos sites are 3DES/AES
only.

Somewhat less invasive than the fix Todd incorporated into the 1.6.9 branch
of sudo (presently beta) but equivalent (though not as clean).

diffstat:

 security/sudo/Makefile         |   4 ++--
 security/sudo/distinfo         |   5 +++--
 security/sudo/patches/patch-ah |  27 +++++++++++++++++++++++----
 3 files changed, 28 insertions(+), 8 deletions(-)

diffs (66 lines):

diff -r 8288c8ca0fa6 -r f9d5ec3d0a33 security/sudo/Makefile
--- a/security/sudo/Makefile    Sun Jun 24 20:56:04 2007 +0000
+++ b/security/sudo/Makefile    Mon Jun 25 09:53:42 2007 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.89 2007/03/13 09:46:00 rillig Exp $
+# $NetBSD: Makefile,v 1.90 2007/06/25 09:53:42 tls Exp $
 #
 
 DISTNAME=              sudo-1.6.8p12
 PKGNAME=               sudo-1.6.8pl12
-PKGREVISION=           3
+PKGREVISION=           4
 CATEGORIES=            security
 MASTER_SITES=          http://www.courtesan.com/sudo/dist/ \
                        ftp://ftp.courtesan.com/pub/sudo/ \
diff -r 8288c8ca0fa6 -r f9d5ec3d0a33 security/sudo/distinfo
--- a/security/sudo/distinfo    Sun Jun 24 20:56:04 2007 +0000
+++ b/security/sudo/distinfo    Mon Jun 25 09:53:42 2007 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.34 2006/01/15 11:32:06 adrianp Exp $
+$NetBSD: distinfo,v 1.35 2007/06/25 09:53:42 tls Exp $
 
 SHA1 (sudo-1.6.8p12.tar.gz) = a79631e9e1c0d0d3f2aa88ae685628e5fde61982
 RMD160 (sudo-1.6.8p12.tar.gz) = d7ff9f18ca0973615258c2e975300b94567451d5
@@ -6,4 +6,5 @@
 SHA1 (patch-aa) = a4f29f2c228eb3b4af0872cf04a00ffdf41c603c
 SHA1 (patch-af) = 245761812dc600b3d2752fa135ba367bb0223370
 SHA1 (patch-ag) = 87c3263674ec98ccc9cc33f2108a2456eddaecc5
-SHA1 (patch-ah) = 3ca7f39f5a882c5a340a053ddd925ebdaef48df5
+SHA1 (patch-ah) = 142a8884aebdc1cffc256c3ca0ee9addc34f8054
+SHA1 (patch-ai) = 2523a87dc8af7d09573569c7b3e7068d8d927097
diff -r 8288c8ca0fa6 -r f9d5ec3d0a33 security/sudo/patches/patch-ah
--- a/security/sudo/patches/patch-ah    Sun Jun 24 20:56:04 2007 +0000
+++ b/security/sudo/patches/patch-ah    Mon Jun 25 09:53:42 2007 +0000
@@ -1,8 +1,27 @@
-$NetBSD: patch-ah,v 1.4 2006/01/15 11:32:07 adrianp Exp $
+$NetBSD: patch-ah,v 1.5 2007/06/25 09:53:42 tls Exp $
 
---- env.c.orig 2005-11-08 18:21:33.000000000 +0000
-+++ env.c
-@@ -130,6 +130,7 @@ static const char *initial_badenv_table[
+--- env.c.orig 2005-11-08 13:21:33.000000000 -0500
++++ env.c      2007-06-25 04:44:24.000000000 -0400
+@@ -105,14 +105,14 @@
+ #ifdef __APPLE__
+     "DYLD_*",
+ #endif
+-#ifdef HAVE_KERB4
++#if defined(HAVE_KERB4) || defined(HAVE_KERB5)
+     "KRB_CONF*",
+     "KRBCONFDIR",
+     "KRBTKFILE",
+-#endif /* HAVE_KERB4 */
+-#ifdef HAVE_KERB5
+     "KRB5_CONFIG*",
+-#endif /* HAVE_KERB5 */
++    "KRB5_KTNAME",
++    "KRB5CCNAME",
++#endif /* HAVE_KERB4 || HAVE_KERB5 */
+ #ifdef HAVE_SECURID
+     "VAR_ACE",
+     "USR_ACE",
+@@ -130,6 +130,7 @@
      "PERLLIB",
      "PERL5LIB",
      "PERL5OPT",



Home | Main Index | Thread Index | Old Index