From mboxrd@z Thu Jan 1 00:00:00 1970 From: "chuli" Subject: [Patch]Fix the bug of comparing the file's mode in dispatch_parser() and check_exe_name() Date: Sun, 27 Jul 2008 15:09:30 +0800 Message-ID: <002901c8efb7$b6ccfc40$958da70a@truly> Return-path: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: linux-audit-bounces@redhat.com Errors-To: linux-audit-bounces@redhat.com To: 'Steve Grubb' Cc: 'linux-audit' List-Id: linux-audit@redhat.com Hi Mr. Grubby, When I set "dispatcher = /mydir/audispd" in /etc/audit/auditd.conf and make the mode of /mydir/audispd to 0755, auditd can be started successfully. But I found in the codes that such file like "/mydir/audispd" is hoped as 0750. There is a little error in comparing the file's mode, "S_IRWXO" should be used not just "S_IWOTH", otherwise the file is allowed to be readable or executable by others. There is the same bug in check_exe_name(). This bug will allow the script of "exec /path-to-script" to be readable or executable by others. Here is my patch for audit-1.7.4. Hope for your opinion about such modification. Signed-off-by: Chu Li --- diff --git a/src/auditd-config.c b/src/auditd-config.c index a7a939e..fc2fd48 100644 --- a/src/auditd-config.c +++ b/src/auditd-config.c @@ -629,7 +629,7 @@ static int dispatch_parser(struct nv_pair *nv, int line, audit_msg(LOG_ERR, "%s is not owned by root", nv->value); return 1; } - if ((buf.st_mode & (S_IRWXU|S_IRWXG|S_IWOTH)) != + if ((buf.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO)) != (S_IRWXU|S_IRGRP|S_IXGRP)) { audit_msg(LOG_ERR, "%s permissions should be 0750", nv->value); return 1; @@ -869,7 +869,7 @@ static int check_exe_name(const char *val) audit_msg(LOG_ERR, "%s is not owned by root", val); return -1; } - if ((buf.st_mode & (S_IRWXU|S_IRWXG|S_IWOTH)) != + if ((buf.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO)) != (S_IRWXU|S_IRGRP|S_IXGRP)) { audit_msg(LOG_ERR, "%s permissions should be 0750", val); return -1; Regards Chu Li