commit ae3ae2ac7a8b698402386bb75f086a8d6b8bc86d Author: Juergen Daubert <jue@jue.li> Date: Thu Aug 30 10:41:01 2007 +0200 slocate: update to 3.1 diff --git a/slocate/.footprint b/slocate/.footprint index 04aa8a3..08c8d5f 100644 --- a/slocate/.footprint +++ b/slocate/.footprint @@ -2,14 +2,17 @@ drwxr-xr-x root/root etc/ drwxr-xr-x root/root etc/cron/ drwxr-xr-x root/root etc/cron/daily/ -rwxr-xr-x root/root etc/cron/daily/slocate +-rw-r--r-- root/root etc/updatedb.conf drwxr-xr-x root/root usr/ drwxr-xr-x root/root usr/bin/ lrwxrwxrwx root/root usr/bin/locate -> slocate -rwxr-sr-x root/slocate usr/bin/slocate +lrwxrwxrwx root/root usr/bin/updatedb -> slocate drwxr-xr-x root/root usr/man/ drwxr-xr-x root/root usr/man/man1/ lrwxrwxrwx root/root usr/man/man1/locate.1.gz -> slocate.1.gz -rw-r--r-- root/root usr/man/man1/slocate.1.gz +-rw-r--r-- root/root usr/man/man1/updatedb.1.gz drwxr-xr-x root/root var/ drwxr-xr-x root/root var/lib/ drwxr-x--- root/slocate var/lib/slocate/ diff --git a/slocate/.md5sum b/slocate/.md5sum index 56173bf..1d528ca 100644 --- a/slocate/.md5sum +++ b/slocate/.md5sum @@ -1,3 +1,4 @@ -5cf4f530f0a5b78967bf8f43a3fea617 slocate -660bf796027941744970242c7cd4ac70 slocate-2.7.patch -4872830642ea2ed5f9aff932720583c9 slocate-2.7.tar.gz +7aa005d9c9f39f18896e68af6cb301f0 CVE-2007-0227.patch +8f0b2571a7a6abf2cb519f85c5225436 slocate +69b45865ebce0cbfeb430381f0eb8b51 slocate_3.1.orig.tar.gz +4203633cf028280a596b00b33455c181 updatedb.conf diff --git a/slocate/CVE-2007-0227.patch b/slocate/CVE-2007-0227.patch new file mode 100644 index 0000000..4f10992 --- /dev/null +++ b/slocate/CVE-2007-0227.patch @@ -0,0 +1,42 @@ +--- slocate-3.1.orig/src/utils.c ++++ slocate-3.1/src/utils.c +@@ -524,6 +524,7 @@ + { + struct stat path_stat; + int ret = 0; ++ char *path_copy = NULL; + char *ptr = NULL; + + if (lstat(path, &path_stat) == -1) +@@ -532,15 +533,25 @@ + if (!S_ISLNK(path_stat.st_mode)) { + if (access(path, F_OK) != 0) + goto EXIT; +- } else if ((ptr = rindex(path, '/'))) { +- *ptr = 0; +- if (access(path, F_OK) == 0) +- ret = 1; +- *ptr = '/'; +- goto EXIT; + } + ++ /* "path" is const, so we shouldn't modify it. Also, for speed, ++ * I suspect strdup/free is less expensive than the deep access ++ * checks... */ ++ if (!(path_copy = strdup(path))) ++ goto EXIT; ++ + ret = 1; ++ ++ /* Each directory leading to the file (symlink or not) must be ++ * readable for us to allow it to be listed in search results. */ ++ while (ret && (ptr=rindex(path_copy,'/'))) { ++ *ptr=0; ++ if (*path_copy && access(path_copy, R_OK) != 0) ++ ret = 0; ++ } ++ free(path_copy); ++ + EXIT: + return ret; + } diff --git a/slocate/Pkgfile b/slocate/Pkgfile index ac46dab..69b68c2 100644 --- a/slocate/Pkgfile +++ b/slocate/Pkgfile @@ -1,28 +1,33 @@ # Description: Secure version of the GNU locate program -# URL: ftp://ftp.geekreview.org/slocate/ +# URL: http://packages.debian.org/unstable/utils/slocate # Maintainer: CRUX System Team, core-ports at crux dot nu name=slocate -version=2.7 -release=3 -source=(http://dl.sourceforge.net/sourceforge/$name/$name-$version.tar.gz \ - $name-$version.patch slocate) +version=3.1 +release=1 +source=(http://ftp.debian.org/debian/pool/main/s/$name/${name}_${version}.orig.tar.gz \ + slocate updatedb.conf CVE-2007-0227.patch) build() { cd $name-$version - patch -p1 < ../$name-$version.patch - touch Makefile.in - ./configure --prefix=/usr - make - mkdir -p $PKG/usr/bin $PKG/usr/man/man1 \ - $PKG/var/lib/slocate $PKG/etc/cron/daily - touch slocate.db - chmod 0750 $PKG/var/lib/slocate - chgrp slocate $PKG/var/lib/slocate - install -m 0640 -g slocate slocate.db $PKG/var/lib/slocate/slocate.db - install -m 2755 -g slocate slocate $PKG/usr/bin/slocate - install -m 0755 ../slocate $PKG/etc/cron/daily/slocate - install -m 0644 doc/slocate.1.linux.gz $PKG/usr/man/man1/slocate.1.gz + + patch -p1 -i $SRC/CVE-2007-0227.patch + sed -i "s/-O2/$CFLAGS/" src/Makefile + + make -j1 + + install -D -m 2755 -g slocate src/slocate $PKG/usr/bin/slocate ln -sf slocate $PKG/usr/bin/locate + ln -sf slocate $PKG/usr/bin/updatedb + + touch slocate.db + install -d -m 0750 -g slocate $PKG/var/lib/slocate + install -m 0640 -g slocate slocate.db $PKG/var/lib/slocate + + install -D -m 0755 $SRC/slocate $PKG/etc/cron/daily/slocate + install -m 0644 $SRC/updatedb.conf $PKG/etc + + install -D -m 0644 doc/slocate.1 $PKG/usr/man/man1/slocate.1 + install -m 0644 doc/updatedb.1 $PKG/usr/man/man1 ln -sf slocate.1.gz $PKG/usr/man/man1/locate.1.gz } diff --git a/slocate/slocate b/slocate/slocate old mode 100755 new mode 100644 index c5a4b0d..154de76 --- a/slocate/slocate +++ b/slocate/slocate @@ -1,9 +1,8 @@ #!/bin/sh # -# /etc/cron/daily/slocate: update the slocate database +# /etc/cron/daily/updatedb: update the slocate database # -/usr/bin/slocate -u -f proc,nfs,smbfs,autofs,auto,iso9660 \ - -e /tmp,/var/tmp,/var/spool,/mnt +/usr/bin/updatedb # End of file diff --git a/slocate/slocate-2.7.patch b/slocate/slocate-2.7.patch deleted file mode 100644 index ab27bff..0000000 --- a/slocate/slocate-2.7.patch +++ /dev/null @@ -1,93 +0,0 @@ -CAN-2003-0848: 'slocate' sgid privileges are now dropped when -searching databases that are not part of the 'slocate' group. This -will prevent malicious user supplied databases from giving access to -the 'slocate' group. Patch from Kevin Lindsay <klindsay@debian.org> - -diff -ru slocate-2.7/main.c slocate-2.7-new/main.c ---- slocate-2.7/main.c 2003-01-25 05:39:48.000000000 +0100 -+++ slocate-2.7-new/main.c 2004-03-28 12:01:45.256631896 +0200 -@@ -342,6 +342,9 @@ - char *part; - int i; - int res_errno; -+ char *tmp_ptr = NULL; -+ int last_sgid = 0; -+ struct stat db_stat; - - /* Make sure path is not empty */ - if (!path || strlen(path) == 0) return; -@@ -385,6 +388,28 @@ - - /* Null terminate array */ - SLOCATE_PATH[i] = NULL; -+ -+ /* Sort sgid slocate db's to the top */ -+ for (i = 0; SLOCATE_PATH[i]; i++) { -+ if (stat(SLOCATE_PATH[i], &db_stat) == -1) -+ report_error(FATAL, QUIET, "%s: Could not stat DB: %s: %s\n", progname, SLOCATE_PATH[i], strerror(errno)); -+ -+ if (db_stat.st_gid != SLOC_GID) -+ continue; -+ -+ if (i != last_sgid) { -+ tmp_ptr = SLOCATE_PATH[last_sgid]; -+ SLOCATE_PATH[last_sgid] = SLOCATE_PATH[i]; -+ SLOCATE_PATH[i] = tmp_ptr; -+ } -+ -+ last_sgid += 1; -+ -+ } -+ -+ /* for (i = 0; SLOCATE_PATH[i]; i++) -+ printf("%s\n", SLOCATE_PATH[i]); */ -+ - } - - /* Parse Dash */ -@@ -1154,6 +1179,22 @@ - char *cp=NULL; - #endif - char *bucket_of_holding=NULL; -+ gid_t cur_gid; -+ struct stat db_stat; -+ -+ cur_gid = getegid(); -+ -+ if (stat(database, &db_stat) == -1) -+ report_error(FATAL, QUIET, "%s: Could not stat '%d': %s\n", progname, strerror(errno)); -+ -+ /* If the database's file group is not apart of the 'slocate' group, -+ * drop privileges. When multiple databases are specified, the ones -+ * apart of the 'slocate' group will be searched first before the -+ * privileges are dropped. */ -+ if (cur_gid == SLOC_GID && db_stat.st_gid != SLOC_GID) { -+ if (setgid(GID) == -1) -+ report_error(FATAL, QUIET, "%s: Could not drop privileges.", progname); -+ } - - if ((fd = open(database,O_RDONLY)) == -1) { - report_error(WARNING,QUIET,"%s: decode_db(): %s: %s\n",progname,database,strerror(errno)); -@@ -1411,6 +1452,9 @@ - /* Get user IDs */ - UID = getuid(); - GID = getgid(); -+ -+ /* Get the 'slocate' group GID */ -+ SLOC_GID = get_gid(GRPFILE); - - /* Add the LOCATE_PATH environment variable to the list of databases to search in */ - parse_decode_path(getenv("LOCATE_PATH")); -@@ -1535,11 +1579,7 @@ - * with the -d option, etc */ - - if (ADD_SLOCATEDB) -- parse_decode_path(SLOCATEDB); -- -- /* Get the 'slocate' group GID */ -- SLOC_GID = get_gid(GRPFILE); -- -+ parse_decode_path(SLOCATEDB); - - /* if the -U option has been used, start to create the database at specified path */ - if (SPECDIR) diff --git a/slocate/updatedb.conf b/slocate/updatedb.conf new file mode 100644 index 0000000..875d47e --- /dev/null +++ b/slocate/updatedb.conf @@ -0,0 +1,13 @@ +# +# /etc/updatedb.conf +# +# This file sets environment variables which are +# used by updatedb and slocate -u + +# filesystems which are pruned from updatedb database +PRUNEFS="nfs afs proc smbfs autofs auto iso9660" +export PRUNEFS + +# paths which are pruned from updatedb database +PRUNEPATHS="/tmp /var/tmp /var/spool /mnt" +export PRUNEPATHS