diff options
| author | wtchang%redhat.com <devnull@localhost> | 2006-09-11 23:14:26 +0000 |
|---|---|---|
| committer | wtchang%redhat.com <devnull@localhost> | 2006-09-11 23:14:26 +0000 |
| commit | 073fe43da5f8fb1ec1696f1b5f001770b16a02be (patch) | |
| tree | b76a9173650eeae8ff06789c7a233fffcdf2b26d | |
| parent | aad5fb68daf7c0c6ce386631db0be947428311e7 (diff) | |
| download | nspr-hg-073fe43da5f8fb1ec1696f1b5f001770b16a02be.tar.gz | |
351470: setuid root programs linked with NSPR allow elevation of privilege.
patch #1. r=nelson, sr=wtc
Tag: MOZILLA_1_8_BRANCH
| -rw-r--r-- | pr/src/io/prlog.c | 8 | ||||
| -rw-r--r-- | pr/src/misc/prtrace.c | 16 |
2 files changed, 15 insertions, 9 deletions
diff --git a/pr/src/io/prlog.c b/pr/src/io/prlog.c index ab348d4f..56573f2f 100644 --- a/pr/src/io/prlog.c +++ b/pr/src/io/prlog.c @@ -255,6 +255,12 @@ void _PR_InitLog(void) } PR_SetLogBuffering(isSync ? bufSize : 0); +#ifdef XP_UNIX + if (getuid() != geteuid()) { + return; + } +#endif /* XP_UNIX */ + ev = PR_GetEnv("NSPR_LOG_FILE"); if (ev && ev[0]) { if (!PR_SetLogFile(ev)) { @@ -293,10 +299,12 @@ void _PR_LogCleanup(void) #endif ) { fclose(logFile); + logFile = NULL; } #else if (logFile && logFile != _pr_stdout && logFile != _pr_stderr) { PR_Close(logFile); + logFile = NULL; } #endif diff --git a/pr/src/misc/prtrace.c b/pr/src/misc/prtrace.c index d26f5027..628e0f83 100644 --- a/pr/src/misc/prtrace.c +++ b/pr/src/misc/prtrace.c @@ -45,15 +45,7 @@ */ #include <string.h> -#include "prtrace.h" -#include "prclist.h" -#include "prlock.h" -#include "prcvar.h" -#include "prio.h" -#include "prlog.h" -#include "prenv.h" -#include "prmem.h" -#include "prerror.h" +#include "primpl.h" #define DEFAULT_TRACE_BUFSIZE ( 1024 * 1024 ) @@ -697,6 +689,12 @@ static PRFileDesc * InitializeRecording( void ) logLostData = 0; /* reset at entry */ logState = LogReset; +#ifdef XP_UNIX + if (getuid() != geteuid()) { + return NULL; + } +#endif /* XP_UNIX */ + /* Get the filename for the logfile from the environment */ logFileName = PR_GetEnv( "NSPR_TRACE_LOG" ); if ( logFileName == NULL ) |