webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-27 11:13:24 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
daf400fa4d61a02eb17e24d29be01d2bbaa35f31
bpfire/src/patches/sudo-1.6.8p12-envvar_fix-1.patch
ms c96732622b Hinzugefügt: 
* Xinetd - Super-Daemon
  * Sudo


git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@98 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
2006-04-10 18:39:59 +00:00

60 lines
2.5 KiB
Diff
Raw Blame History

Submitted By: Archaic (archaic -aT- linuxfromscratch -DoT- org)
Date: 2005-01-17
Initial Package Version: 1.6.8p12
Origin: Upstream CVS
Upstream Status: In CVS
Description: (CVE-2005-4158) Sudo before 1.6.8 p12, when the Perl taint flag is
off, does not clear the PERLLIB, PERL5LIB, and PERL5OPT environment
variables, which allows limited local users to cause a Perl script
to include and execute arbitrary library files that have the same
name as library files that are included by the script.
Additionally, more variables beyond perl were added to the
blacklist and comments were added to the variables.
diff -Naur sudo-1.6.8p12.orig/env.c sudo-1.6.8p12/env.c
--- sudo-1.6.8p12.orig/env.c 2005-11-08 18:21:33.000000000 +0000
+++ sudo-1.6.8p12/env.c 2006-01-18 00:35:17.000000000 +0000
@@ -118,18 +118,31 @@
"USR_ACE",
"DLC_ACE",
#endif /* HAVE_SECURID */
- "TERMINFO",
- "TERMINFO_DIRS",
- "TERMPATH",
+ "TERMINFO", /* terminfo, exclusive path to terminfo files */
+ "TERMINFO_DIRS", /* terminfo, path(s) to terminfo files */
+ "TERMPATH", /* termcap, path(s) to termcap files */
"TERMCAP", /* XXX - only if it starts with '/' */
- "ENV",
- "BASH_ENV",
- "PS4",
- "SHELLOPTS",
- "JAVA_TOOL_OPTIONS",
- "PERLLIB",
- "PERL5LIB",
- "PERL5OPT",
+ "ENV", /* ksh, file to source before script runs */
+ "BASH_ENV", /* bash, file to source before script runs */
+ "PS4", /* bash, prefix for lines in xtrace mode */
+ "GLOBIGNORE", /* bash, globbing patterns to ignore */
+ "SHELLOPTS", /* bash, extra command line options */
+ "JAVA_TOOL_OPTIONS", /* java, extra command line options */
+ "PERLIO_DEBUG ", /* perl, debugging output file */
+ "PERLLIB", /* perl, search path for modules/includes */
+ "PERL5LIB", /* perl 5, search path for modules/includes */
+ "PERL5OPT", /* perl 5, extra command line options */
+ "PERL5DB", /* perl 5, command used to load debugger */
+ "FPATH", /* ksh, search path for functions */
+ "NULLCMD", /* zsh, command for null file redirection */
+ "READNULLCMD", /* zsh, command for null file redirection */
+ "ZDOTDIR", /* zsh, search path for dot files */
+ "TMPPREFIX", /* zsh, prefix for temporary files */
+ "PYTHONHOME", /* python, module search path */
+ "PYTHONPATH", /* python, search path */
+ "PYTHONINSPEC", /* python, allow inspection */
+ "RUBYLIB", /* ruby, library load path */
+ "RUBYOPT", /* ruby, extra command line options */
NULL
};
Reference in New Issue View Git Blame Copy Permalink