| Summary: | ports/security/cfs: cfssh(1) creates insecure directory | | |
|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Martin Kammerhofer <dada> |
| Component: | Individual Port(s) | Assignee: | Brian Feldman <green> |
| Status: | Closed FIXED | | |
| Severity: | Affects Only Me | | |
| Priority: | Normal | | |
| Version: | Latest | | |
| Hardware: | Any | | |
| OS: | Any | | |
Description
Martin Kammerhofer
2004-04-16 14:20:21 UTC
Here is a more comprehensive patch: <-----------------cut here---------------------------------------------- diff -ruN cfs/files/patch-ac /usr/ports/security/cfs/files/patch-ac --- cfs/files/patch-ac Tue May 23 03:02:39 2000 +++ /usr/ports/security/cfs/files/patch-ac Thu Jan 22 14:42:04 2004 @@ -1,8 +1,23 @@ ---- cfssh.orig Mon May 22 20:56:00 2000 -+++ cfssh Mon May 22 20:56:11 2000 -@@ -1,4 +1,4 @@ +--- cfssh.orig Wed Dec 3 22:21:40 1997 ++++ cfssh Thu Jan 22 14:38:48 2004 +@@ -1,11 +1,11 @@ -#!/bin/ksh +#!/bin/sh - if [ -z "$1" ]; then +-if [ -z "$1" ]; then ++if [ ! -d "$1" ]; then echo Usage: cfssh directory + exit + fi + export PS1="crypto:`basename $1`$ " +-D=.$RANDOM.$RANDOM ++D=$(basename $(mktemp -u /tmp/.XXXXXXXXXXXXX)) + cattach $1 $D || exit 1 + echo "Directory is /crypt/$D" + cd /crypt/$D +@@ -13,5 +13,4 @@ + CWD=`/bin/pwd` + D=`basename $CWD` + PWD=$CWD +-export RANDOM=0 + exec /bin/sh -c "$SHELL ; cdetach $D" diff -ruN cfs/files/patch-ag /usr/ports/security/cfs/files/patch-ag --- cfs/files/patch-ag Thu Jan 1 01:00:00 1970 +++ /usr/ports/security/cfs/files/patch-ag Thu Jan 22 14:50:21 2004 @@ -0,0 +1,8 @@ +--- cfssh.1.orig Wed Dec 3 22:21:43 1997 ++++ cfssh.1 Thu Jan 22 14:49:21 2004 +@@ -1,4 +1,4 @@ +-.TH SSH 1 "" ++.TH CFSSH 1 "" + .SH NAME + cfssh - (somewhat) secure CFS shell + .SH SYNOPSIS Responsible Changed From-To: freebsd-ports-bugs->green Over to maintainer. State Changed From-To: open->closed Fixed; thanks! |
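Review bot: the name produced by `D=$(basename $(mktemp -u /tmp/.XXXXXXXXXXXXX))` in the first cfssh hunk is unpredictable but not reserved. `mktemp -u` leaves no file in place, and the pattern it works from is under /tmp while the name is consumed as `/crypt/$D`, so the only thing standing between two sessions and the same attach name is `cattach $1 $D || exit 1`. That is acceptable as long as cattach refuses an existing name, but a comment in the script saying that mktemp is used here purely as a random-name generator would keep a later reader from assuming the name is reserved. In the same hunk the new test quotes its argument, `[ ! -d "$1" ]`, while `basename $1` and `cattach $1 $D` do not, so a directory name containing whitespace passes the check and then breaks the attach; quote `"$1"` and `"$D"` in those lines as well. The usage branch still ends in a bare `exit`, which returns the status of the preceding echo; `exit 1` would let callers detect the error.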