* [Buildroot] [PATCH] package/skeleton-init-sysv: Set sticky bit on /dev/shm
From: Ben Hutchings via buildroot @ 2024-04-11 15:20 UTC (permalink / raw)
To: buildroot; +Cc: oss-security, Ben Hutchings
/dev/shm is a world-writable directory, like /tmp, and should also
have the sticky bit set. Without this, any user can delete and
replace another user's files in /dev/shm.
This bug has been present since /dev/shm was added to the skeleton
/etc/fstab, but appears to have been fixed for systems using systemd
by commit 76fc9275f14e "system: separate sysv and systemd parts of the
skeleton" which went into Buildroot 2017.08.
Signed-off-by: Ben Hutchings <ben.hutchings@mind.be>
Fixes: 22fde22e35f98f7830c2f8955465532328348cd1
---
package/skeleton-init-sysv/skeleton/etc/fstab | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/package/skeleton-init-sysv/skeleton/etc/fstab b/package/skeleton-init-sysv/skeleton/etc/fstab
index 169054b74f..06c20fe9d5 100644
--- a/package/skeleton-init-sysv/skeleton/etc/fstab
+++ b/package/skeleton-init-sysv/skeleton/etc/fstab
@@ -2,7 +2,7 @@
/dev/root / ext2 rw,noauto 0 1
proc /proc proc defaults 0 0
devpts /dev/pts devpts defaults,gid=5,mode=620,ptmxmode=0666 0 0
-tmpfs /dev/shm tmpfs mode=0777 0 0
+tmpfs /dev/shm tmpfs mode=1777 0 0
tmpfs /tmp tmpfs mode=1777 0 0
tmpfs /run tmpfs mode=0755,nosuid,nodev 0 0
sysfs /sys sysfs defaults 0 0
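Review bot: mode=1777 restores the sticky bit, but the /dev/shm entry (and the /tmp entry on the next context line) still mounts a world-writable tmpfs without the nosuid,nodev options that the /run entry two lines below already carries; those are the usual hardening for a world-writable tmpfs, so consider a follow-up changing the line to `tmpfs /dev/shm tmpfs mode=1777,nosuid,nodev 0 0` and doing the same for /tmp.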
--
2.39.2
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
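The following shell script is an added example and is neither Buildroot code nor part of the patch above. It audits an fstab for exactly the pattern the patch fixes, a tmpfs whose mode= option is world-writable but lacks the sticky bit, and then checks and remediates a live directory with find -perm and chmod +t, which is what an already-deployed image with the old mode=0777 line needs until its fstab is updated. The sample fstab is constructed from the hunk above; the function names are mine, and the script assumes only POSIX sh, find and chmod (so it also runs on a BusyBox target).

```shell
#!/bin/sh
# Added example, not part of the Buildroot patch or project code.
# Audits an fstab for world-writable tmpfs mounts without the sticky bit
# (the defect fixed by the patch above) and checks/fixes a live directory.

# Constructed sample: the pre-fix skeleton fstab shown in the hunk above.
SAMPLE_FSTAB='# <file system> <mount pt> <type> <options> <dump> <pass>
/dev/root / ext2 rw,noauto 0 1
proc /proc proc defaults 0 0
devpts /dev/pts devpts defaults,gid=5,mode=620,ptmxmode=0666 0 0
tmpfs /dev/shm tmpfs mode=0777 0 0
tmpfs /tmp tmpfs mode=1777 0 0
tmpfs /run tmpfs mode=0755,nosuid,nodev 0 0
sysfs /sys sysfs defaults 0 0'

# audit_fstab: read fstab text on stdin and print "<mountpoint> mode=<mode>"
# for every tmpfs entry whose root directory is world-writable (others have
# the write bit) but does not have the sticky bit.
audit_fstab() {
    while read -r fs mnt type opts dump pass; do
        case "$fs" in ''|\#*) continue ;; esac   # skip blank and comment lines
        [ "$type" = tmpfs ] || continue
        mode=
        old_ifs=$IFS
        IFS=,
        for opt in $opts; do                     # split the option list on ','
            case "$opt" in mode=*) mode=${opt#mode=} ;; esac
        done
        IFS=$old_ifs
        # Assumption (kernel tmpfs default): no mode= means 1777, which is fine.
        [ -n "$mode" ] || continue
        m=$((0$mode))                            # leading 0 forces octal
        if [ $((m & 2)) -ne 0 ] && [ $((m & 512)) -eq 0 ]; then
            printf '%s mode=%s\n' "$mnt" "$mode"
        fi
    done
}

# dir_is_sticky: true if the directory has the sticky bit.
# 'find DIR -prune -perm -1000' is POSIX and works with BusyBox find,
# unlike GNU-only 'stat -c %a'.
dir_is_sticky() {
    [ -n "$(find "$1" -prune -perm -1000 -print)" ]
}

# dir_is_world_writable: true if others have write permission.
dir_is_world_writable() {
    [ -n "$(find "$1" -prune -perm -0002 -print)" ]
}

# needs_sticky: the /dev/shm defect, world-writable without the sticky bit.
needs_sticky() {
    dir_is_world_writable "$1" && ! dir_is_sticky "$1"
}

# make_sticky: run-time remediation for a deployed image. On a tmpfs mount
# root this only lasts until the next reboot, so /etc/fstab must be fixed too.
make_sticky() {
    chmod +t "$1"
}

# Usage on the constructed sample: prints the /dev/shm line only.
printf '%s\n' "$SAMPLE_FSTAB" | audit_fstab

# Live check of the running system, if it has a /dev/shm directory.
if [ -d /dev/shm ]; then
    if needs_sticky /dev/shm; then
        echo "/dev/shm: world-writable without sticky bit"
    else
        echo "/dev/shm: ok"
    fi
fi
```

On a running target, `mount -o remount,mode=1777 /dev/shm` is an equivalent one-off fix for a tmpfs mount; either way the fstab line itself has to change, or the next boot reproduces the defect.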
* Re: [Buildroot] [PATCH] package/skeleton-init-sysv: Set sticky bit on /dev/shm
From: Yann E. MORIN @ 2024-04-11 18:31 UTC (permalink / raw)
To: Ben Hutchings; +Cc: oss-security, buildroot
Ben, All,
On 2024-04-11 17:20 +0200, Ben Hutchings via buildroot spake thusly:
> /dev/shm is a world-writable directory, like /tmp, and should also
> have the sticky bit set. Without this, any user can delete and
> replace another user's files in /dev/shm.
Indeed, good catch!
> This bug has been present since /dev/shm was added to the skeleton
> /etc/fstab, but appears to have been fixed for systems using systemd
> by commit 76fc9275f14e "system: separate sysv and systemd parts of the
> skeleton" which went into Buildroot 2017.08.
>
> Signed-off-by: Ben Hutchings <ben.hutchings@mind.be>
> Fixes: 22fde22e35f98f7830c2f8955465532328348cd1
Applied to master, thanks.
Regards,
Yann E. MORIN.
> ---
> package/skeleton-init-sysv/skeleton/etc/fstab | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/package/skeleton-init-sysv/skeleton/etc/fstab b/package/skeleton-init-sysv/skeleton/etc/fstab
> index 169054b74f..06c20fe9d5 100644
> --- a/package/skeleton-init-sysv/skeleton/etc/fstab
> +++ b/package/skeleton-init-sysv/skeleton/etc/fstab
> @@ -2,7 +2,7 @@
> /dev/root / ext2 rw,noauto 0 1
> proc /proc proc defaults 0 0
> devpts /dev/pts devpts defaults,gid=5,mode=620,ptmxmode=0666 0 0
> -tmpfs /dev/shm tmpfs mode=0777 0 0
> +tmpfs /dev/shm tmpfs mode=1777 0 0
> tmpfs /tmp tmpfs mode=1777 0 0
> tmpfs /run tmpfs mode=0755,nosuid,nodev 0 0
> sysfs /sys sysfs defaults 0 0
> --
> 2.39.2
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 561 099 427 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
[parent not found: <ZhgCNMQXfxPXuqvs@cephalopod>]
* Re: [Buildroot] Buildroot: incorrect permissions on /dev/shm
From: Ben Hutchings via buildroot @ 2024-05-06 10:24 UTC (permalink / raw)
To: oss-security; +Cc: buildroot
On Thu, Apr 11, 2024 at 05:31:02PM +0200, Ben Hutchings wrote:
> Buildroot is a Linux distribution and system builder for embedded
> systems. Starting in Buildroot 2011.08, its default /etc/fstab
> included an entry for /dev/shm with incorrect permissions (sticky bit
> not set). (CWE-276)
>
> Buildroot 2017.08 removed this entry for systems using systemd, and it
> has never been included for systems using OpenRC. So this only
> affects Buildroot-built systems that use sysvinit, and some older
> systems that use systemd.
[...]
This has been assigned CVE-2024-34455.
Ben.
--
Ben Hutchings · Senior Embedded Software Engineer, Essensium-Mind · mind.be
* Re: [Buildroot] Buildroot: incorrect permissions on /dev/shm
From: Yann E. MORIN @ 2024-05-06 18:32 UTC (permalink / raw)
To: Ben Hutchings; +Cc: oss-security, buildroot
Ben, All,
On 2024-05-06 12:24 +0200, Ben Hutchings via buildroot spake thusly:
> On Thu, Apr 11, 2024 at 05:31:02PM +0200, Ben Hutchings wrote:
> > Buildroot is a Linux distribution and system builder for embedded
> > systems. Starting in Buildroot 2011.08, its default /etc/fstab
> > included an entry for /dev/shm with incorrect permissions (sticky bit
> > not set). (CWE-276)
> >
> > Buildroot 2017.08 removed this entry for systems using systemd, and it
> > has never been included for systems using OpenRC. So this only
> > affects Buildroot-built systems that use sysvinit, and some older
> > systems that use systemd.
> [...]
>
> This has been assigned CVE-2024-34455.
Thanks for the feedback. The fix has already been committed, with commit
0b2967e158 (package/skeleton-init-sysv: Set sticky bit on /dev/shm) that
I applied on 2024-04-11.
Regards,
Yann E. MORIN.
* Re: [Buildroot] Buildroot: incorrect permissions on /dev/shm
From: Peter Korsgaard @ 2024-05-07 9:10 UTC (permalink / raw)
To: Yann E. MORIN; +Cc: oss-security, Ben Hutchings, buildroot
>>>>> "Yann" == Yann E MORIN <yann.morin.1998@free.fr> writes:
> Ben, All,
> On 2024-05-06 12:24 +0200, Ben Hutchings via buildroot spake thusly:
>> On Thu, Apr 11, 2024 at 05:31:02PM +0200, Ben Hutchings wrote:
>> > Buildroot is a Linux distribution and system builder for embedded
>> > systems. Starting in Buildroot 2011.08, its default /etc/fstab
>> > included an entry for /dev/shm with incorrect permissions (sticky bit
>> > not set). (CWE-276)
>> >
>> > Buildroot 2017.08 removed this entry for systems using systemd, and it
>> > has never been included for systems using OpenRC. So this only
>> > affects Buildroot-built systems that use sysvinit, and some older
>> > systems that use systemd.
>> [...]
>>
>> This has been assigned CVE-2024-34455.
> Thanks for the feedback. The fix has already been committed, with commit
> 0b2967e158 (package/skeleton-init-sysv: Set sticky bit on /dev/shm) that
> I applied on 2024-04-11.
And it is included in the recently released 2024.02.2 release:
https://lore.kernel.org/buildroot/874jbaxb7g.fsf@dell.be.48ers.dk/T/#u
--
Bye, Peter Korsgaard
* Re: [Buildroot] [PATCH] package/skeleton-init-sysv: Set sticky bit on /dev/shm
From: Peter Korsgaard @ 2024-05-06 21:04 UTC (permalink / raw)
To: Ben Hutchings via buildroot; +Cc: oss-security, Ben Hutchings
>>>>> "Ben" == Ben Hutchings via buildroot <buildroot@buildroot.org> writes:
> /dev/shm is a world-writable directory, like /tmp, and should also
> have the sticky bit set. Without this, any user can delete and
> replace another user's files in /dev/shm.
> This bug has been present since /dev/shm was added to the skeleton
> /etc/fstab, but appears to have been fixed for systems using systemd
> by commit 76fc9275f14e "system: separate sysv and systemd parts of the
> skeleton" which went into Buildroot 2017.08.
> Signed-off-by: Ben Hutchings <ben.hutchings@mind.be>
> Fixes: 22fde22e35f98f7830c2f8955465532328348cd1
Committed to 2024.02.x, thanks.
--
Bye, Peter Korsgaard