Re: Bug#832908: mongodb: CVE-2016-6494: world-readable .dbshell history file: LTS update and upgrade handling
Hi again
Here is the working patch (attached).
Hope it helps for later versions too.
// Ola
Description: World readable dbshell log file
This correction makes sure the ~/.dbshell log file is not world readable.
.
mongodb (1:2.0.6-1+deb7u1) wheezy-security; urgency=high
.
* Non-maintainer upload by the Long Term Security Team.
* Make sure dbshell log file is not readable by others
CVE-2016-6494 (Closes: #832908).
Author: Ola Lundqvist <opal@debian.org>
Origin: other
Bug: https://jira.mongodb.org/browse/SERVER-25335
Bug-Debian: https://bugs.debian.org/832908
Forwarded: no
Reviewed-By: Ola Lundqvist <opal@debian.org>
Last-Update: 2016-08-01
Index: mongodb-2.0.6/third_party/linenoise/linenoise.cpp
===================================================================
--- mongodb-2.0.6.orig/third_party/linenoise/linenoise.cpp 2016-08-01 22:10:07.318825853 +0000
+++ mongodb-2.0.6/third_party/linenoise/linenoise.cpp 2016-08-01 22:19:52.706824724 +0000
@@ -104,11 +104,13 @@
#include <termios.h>
#include <unistd.h>
+#include <fcntl.h>
#include <stdlib.h>
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <stdlib.h>
+#include <sys/stat.h>
#include <sys/types.h>
#include <sys/ioctl.h>
#include <unistd.h>
@@ -799,6 +801,9 @@
/* Save the history in the specified file. On success 0 is returned
* otherwise -1 is returned. */
int linenoiseHistorySave(const char *filename) {
+ mode_t prev_mask = umask(0022);
+ // Make sure this file is not readable by others
+ umask(prev_mask | S_IROTH | S_IWOTH | S_IXOTH);
FILE *fp = fopen(filename,"w");
int j;
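Review bot: The tightened umask set by `umask(prev_mask | S_IROTH | S_IWOTH | S_IXOTH);` is only restored after fclose() in the next hunk (ending at the `umask(prev_mask);` line), so any early return between the two — presumably the `if (fp == NULL) return -1;` that follows fopen in the omitted lines — leaves the process-wide umask altered for the rest of the shell's run and, for as long as it is set, for every other thread as well. Since `<fcntl.h>` is added by this patch but no open() call appears in it, the simpler route is to create the file with an explicit owner-only mode and drop the umask dance entirely: `int fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); if (fd < 0) return -1; FILE *fp = fdopen(fd, "w");`. Neither umask nor open()'s mode argument changes the permissions of a file that already exists, so a pre-existing world-readable history is still written to as-is here; an `fchmod(fileno(fp), S_IRUSR | S_IWUSR)` right after opening would cover that case on the save path without the stat/chmod-by-path race. If the umask approach is kept, the first call `umask(0022)` deserves a comment such as `// umask() has no pure getter: set a temporary mask only to read back the old one`. linenoiseHistorySave continues outside the hunk.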
@@ -808,6 +813,7 @@
fprintf(fp,"%s\n",history[j]);
}
fclose(fp);
+ umask(prev_mask);
return 0;
}
@@ -817,6 +823,16 @@
* If the file exists and the operation succeeded 0 is returned, otherwise
* on error -1 is returned. */
int linenoiseHistoryLoad(const char *filename) {
+ struct stat fileStat;
+ if (stat(filename,&fileStat) < 0) return -1;
+ if (fileStat.st_mode & S_IROTH ||
+ fileStat.st_mode & S_IWOTH ||
+ fileStat.st_mode & S_IXOTH) {
+ // If the file is world readable, writeable or executable
+ // make sure it is not but keep all other permissions.
+ chmod(filename, fileStat.st_mode & 0777770);
+ }
+
FILE *fp = fopen(filename,"r");
char buf[LINENOISE_MAX_LINE];
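Review bot: The return value of `chmod(filename, fileStat.st_mode & 0777770);` is ignored, so when chmod fails (file owned by another user, read-only filesystem) the shell still proceeds to read a history file it has just determined to be world-accessible; at minimum check it, `if (chmod(filename, fileStat.st_mode & ~S_IRWXO) < 0) return -1;`. The octal mask `0777770` also passes the S_IFMT file-type bits of st_mode on to chmod and relies on the implementation ignoring them, whereas `~S_IRWXO` (or `07770`) states the intent directly and mirrors the three-way S_IROTH/S_IWOTH/S_IXOTH test above it. Because the check and the fix are done by path and the file is opened separately on the following fopen line, the object inspected by stat() need not be the one later modified or read; opening first and then using fstat()/fchmod() on fileno(fp) closes that window. The comment above the chmod speaks only of "world readable" while the code also clears write and execute; `// strip all "other" permission bits, leave owner/group bits untouched` describes it more accurately. linenoiseHistoryLoad continues outside the hunk.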