Make security fix work on Slackware 9.1

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1424 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
teastep 2004-06-29 15:33:47 +00:00
parent 9d3a1ca007
commit 1d2eea04b9
6 changed files with 25 additions and 12 deletions


@ -37,3 +37,7 @@ Changes since 1.4.9
17) Implement Sean Mathews's fix for Proxy ARP/IPSEC. 17) Implement Sean Mathews's fix for Proxy ARP/IPSEC.
18) Update rfc1918. 18) Update rfc1918.
19) Fix local exploit vulnerability.
20) Hack security fix so that it works under Slackware.
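Review bot: Entry 20 does not say what was changed, only that the fix was hacked to work. Naming the actual change (the BSD mktemp case now uses the `mkdir` plus `chmod 700` path) and the affected release, Slackware 9.1 as the release notes in this commit state, would make the changelog usable on its own.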


@ -247,14 +247,14 @@ mktempdir() {
[ -z "$MKTEMP" ] && find_mktemp [ -z "$MKTEMP" ] && find_mktemp
case "$MKTEMP" in case "$MKTEMP" in
BSD)
mktemp -d /tmp/shorewall.XXXXXX
;;
STD) STD)
mktemp -td shorewall.XXXXXX mktemp -td shorewall.XXXXXX
;; ;;
None) None|BSD)
mkdir /tmp/shorewall-$$ && echo /tmp/shorewall-$$ #
# Not all versions of the BSD mktemp support the -d option under Linux
#
mkdir /tmp/shorewall-$$ && chmod 700 /tmp/shorewall-$$ && echo /tmp/shorewall-$$
;; ;;
*) *)
echo " ERROR:Internal error in mktempdir" echo " ERROR:Internal error in mktempdir"
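Review bot: In the new `None|BSD)` branch the directory exists with umask-derived permissions between `mkdir` and `chmod 700`, and its name `/tmp/shorewall-$$` is predictable from the PID. Setting `umask 077` before the `mkdir` (in a subshell, so the caller's umask is untouched) creates it private from the start and makes the `chmod` unnecessary. The only protection against a pre-created directory or symlink at that path is `mkdir` failing, in which case nothing is echoed, so a comment stating that callers must treat empty output from mktempdir as fatal would help.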


@ -49,6 +49,11 @@ Problems Corrected since version 1.4.9:
13. The rfc1918 file has been updated. 13. The rfc1918 file has been updated.
14. An exploitable vulnerability that allows local non-root users to
cause arbitrary files to be overwritten has been eliminated.
15) The security vulnerability fix failed under Slackware 9.1.
Migration Issues: Migration Issues:
None. None.
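Review bot: The added entry is numbered `15)` while the entries directly above it use `13.` and `14.`; change it to `15.` so the list stays consistent. The entry also states only that the fix failed under Slackware 9.1, not that it has been corrected, which reads oddly under a "Problems Corrected" heading.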


@ -38,3 +38,5 @@ Changes since 2.0.2
17) Fix bogus code in process_tc_rule() 17) Fix bogus code in process_tc_rule()
18) Fix security vulnerability involving temporary files/directories. 18) Fix security vulnerability involving temporary files/directories.
19) Hack security fix so that it works under Slackware.


@ -407,20 +407,20 @@ mktempdir() {
[ -z "$MKTEMP" ] && find_mktemp [ -z "$MKTEMP" ] && find_mktemp
case "$MKTEMP" in case "$MKTEMP" in
BSD)
mktemp -d /tmp/shorewall.XXXXXX
;;
STD) STD)
mktemp -td shorewall.XXXXXX mktemp -td shorewall.XXXXXX
;; ;;
None) None|BSD)
mkdir /tmp/shorewall-$$ && echo /tmp/shorewall-$$ #
# Not all versions of the BSD mktemp support the -d option under Linux
#
mkdir /tmp/shorewall-$$ && chmod 700 /tmp/shorewall-$$ && echo /tmp/shorewall-$$
;; ;;
*) *)
echo " ERROR:Internal error in mktempdir" echo " ERROR:Internal error in mktempdir"
;; ;;
esac esac
} }
# #
# Read a file and handle "INCLUDE" directives # Read a file and handle "INCLUDE" directives
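Review bot: Folding `BSD` into `None|BSD)` drops `mktemp -d /tmp/shorewall.XXXXXX` for every BSD-style mktemp, including those that do support `-d`, so those systems move from a random name to the PID-based `/tmp/shorewall-$$`. Consider keeping the `mktemp -d` call in the BSD case and falling back to the `mkdir` path only when it fails. This block is also identical to the mktempdir change in the other file in this commit, so any follow-up has to land in both copies.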


@ -1,4 +1,4 @@
Shorewall 2.0.3 Shorewall 2.0.3b
---------------------------------------------------------------------- ----------------------------------------------------------------------
Problems Corrected since 2.0.2 Problems Corrected since 2.0.2
@ -52,6 +52,8 @@ Problems Corrected since 2.0.3
2) A potential security vulnerablilty in the way that Shorewall 2) A potential security vulnerablilty in the way that Shorewall
handles temporary files and directories has been corrected. handles temporary files and directories has been corrected.
3) The security vulnerability fix failed under Slackware 9.1.
----------------------------------------------------------------------- -----------------------------------------------------------------------
Issues when migrating from Shorewall 2.0.2 to Shorewall 2.0.3: Issues when migrating from Shorewall 2.0.2 to Shorewall 2.0.3:
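Review bot: The title is bumped to 2.0.3b in the first hunk, but the migration heading at the end of this hunk still reads "Issues when migrating from Shorewall 2.0.2 to Shorewall 2.0.3"; update it or confirm that it is meant to stay. As with the other release notes, the new item 3 says the fix failed under Slackware 9.1 without saying it now works. The context line just above it also carries the typo "vulnerablilty", which could be fixed in the same edit.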