42920 – [MAINTAINER PATCH] [SECURITY] Update for editors/joe - drop sgid/suid on backup files

Bug 42920 - [MAINTAINER PATCH] [SECURITY] Update for editors/joe - drop sgid/suid on backup files

Summary: [MAINTAINER PATCH] [SECURITY] Update for editors/joe - drop sgid/suid on back...

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	freebsd-ports (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2002-09-18 08:30 UTC by toasty
Modified:	2002-09-18 12:13 UTC (History)
CC List:	0 users

See Also:

Attachments
file.diff (292 bytes, patch) 2002-09-18 08:30 UTC, toasty	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description toasty 2002-09-18 08:30:08 UTC

A post on Bugtraq (<20020917183024.GA7393@yakuza.salon.cz>) brought up a
somewhat minor flaw in the JOE editor. Backups of sgid/suid files should
drop the sgid/suid bits, because backup files are owned by the user running
joe, not the owner of the file.

Fix: Add patch-ak to ports/editors/files:
How-To-Repeat: 

Create a file such as this:

-rwsr-sr-x  1 toasty  toasty  2 Sep 18 02:00 test.file

As root, open/save it, and this backup file is created:

-rwsr-sr-x  1 root    wheel   2 Sep 18 01:58 test.file~


It would require some impressive social engineering to take advantage of
this, but it's still not a good idea.

Comment 1 Ying-Chieh Liao freebsd_committer

2002-09-18 12:13:29 UTC

State Changed
From-To: open->closed

committed, thanks