| Message ID | 20240411152016.1185109-1-ben.hutchings@mind.be |
|---|---|
| State | Accepted |
| Series | package/skeleton-init-sysv: Set sticky bit on /dev/shm |
Ben, All, On 2024-04-11 17:20 +0200, Ben Hutchings via buildroot spake thusly: > /dev/shm is a world-writable directory, like /tmp, and should also > have the sticky bit set. Without this, any user can delete and > replace another user's files in /dev/shm. Indeed, good catch! > This bug has been present since /dev/shm was added to the skeleton > /etc/fstab, but appears to have been fixed for systems using systemd > by commit 76fc9275f14e "system: separate sysv and systemd parts of the > skeleton" which went into Buildroot 2017.08. > > Signed-off-by: Ben Hutchings <ben.hutchings@mind.be> > Fixes: 22fde22e35f98f7830c2f8955465532328348cd1 Applied to master, thanks. Regards, Yann E. MORIN. > --- > package/skeleton-init-sysv/skeleton/etc/fstab | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/package/skeleton-init-sysv/skeleton/etc/fstab b/package/skeleton-init-sysv/skeleton/etc/fstab > index 169054b74f..06c20fe9d5 100644 > --- a/package/skeleton-init-sysv/skeleton/etc/fstab > +++ b/package/skeleton-init-sysv/skeleton/etc/fstab > @@ -2,7 +2,7 @@ > /dev/root / ext2 rw,noauto 0 1 > proc /proc proc defaults 0 0 > devpts /dev/pts devpts defaults,gid=5,mode=620,ptmxmode=0666 0 0 > -tmpfs /dev/shm tmpfs mode=0777 0 0 > +tmpfs /dev/shm tmpfs mode=1777 0 0 > tmpfs /tmp tmpfs mode=1777 0 0 > tmpfs /run tmpfs mode=0755,nosuid,nodev 0 0 > sysfs /sys sysfs defaults 0 0 > -- > 2.39.2 > > _______________________________________________ > buildroot mailing list > buildroot@buildroot.org > https://lists.buildroot.org/mailman/listinfo/buildroot
On Thu, Apr 11, 2024 at 05:31:02PM +0200, Ben Hutchings wrote:
> Buildroot is a Linux distribution and system builder for embedded
> systems. Starting in Buildroot 2011.08, its default /etc/fstab
> included an entry for /dev/shm with incorrect permissions (sticky bit
> not set). (CWE-276)
>
> Buildroot 2017.08 removed this entry for systems using systemd, and it
> has never been included for systems using OpenRC. So this only
> affects Buildroot-built systems that use sysvinit, and some older
> systems that use systemd.
[...]

This has been assigned CVE-2024-34455.

Ben.
Ben, All,

On 2024-05-06 12:24 +0200, Ben Hutchings via buildroot spake thusly:
> On Thu, Apr 11, 2024 at 05:31:02PM +0200, Ben Hutchings wrote:
> > Buildroot is a Linux distribution and system builder for embedded
> > systems. Starting in Buildroot 2011.08, its default /etc/fstab
> > included an entry for /dev/shm with incorrect permissions (sticky bit
> > not set). (CWE-276)
> >
> > Buildroot 2017.08 removed this entry for systems using systemd, and it
> > has never been included for systems using OpenRC. So this only
> > affects Buildroot-built systems that use sysvinit, and some older
> > systems that use systemd.
> [...]
>
> This has been assigned CVE-2024-34455.

Thanks for the feedback. The fix has already been committed, with commit
0b2967e158 (package/skeleton-init-sysv: Set sticky bit on /dev/shm) that
I applied on 2024-04-11.

Regards,
Yann E. MORIN.
>>>>> "Ben" == Ben Hutchings via buildroot <buildroot@buildroot.org> writes:

> /dev/shm is a world-writable directory, like /tmp, and should also
> have the sticky bit set. Without this, any user can delete and
> replace another user's files in /dev/shm.

> This bug has been present since /dev/shm was added to the skeleton
> /etc/fstab, but appears to have been fixed for systems using systemd
> by commit 76fc9275f14e "system: separate sysv and systemd parts of the
> skeleton" which went into Buildroot 2017.08.

> Signed-off-by: Ben Hutchings <ben.hutchings@mind.be>
> Fixes: 22fde22e35f98f7830c2f8955465532328348cd1

Committed to 2024.02.x, thanks.
>>>>> "Yann" == Yann E MORIN <yann.morin.1998@free.fr> writes:

> Ben, All,

> On 2024-05-06 12:24 +0200, Ben Hutchings via buildroot spake thusly:
>> On Thu, Apr 11, 2024 at 05:31:02PM +0200, Ben Hutchings wrote:
>> > Buildroot is a Linux distribution and system builder for embedded
>> > systems. Starting in Buildroot 2011.08, its default /etc/fstab
>> > included an entry for /dev/shm with incorrect permissions (sticky bit
>> > not set). (CWE-276)
>> >
>> > Buildroot 2017.08 removed this entry for systems using systemd, and it
>> > has never been included for systems using OpenRC. So this only
>> > affects Buildroot-built systems that use sysvinit, and some older
>> > systems that use systemd.
>> [...]
>>
>> This has been assigned CVE-2024-34455.

> Thanks for the feedback. The fix has already been committed, with commit
> 0b2967e158 (package/skeleton-init-sysv: Set sticky bit on /dev/shm) that
> I applied on 2024-04-11.

And it is included in the recently released 2024.02.2 release:

https://lore.kernel.org/buildroot/874jbaxb7g.fsf@dell.be.48ers.dk/T/#u
diff --git a/package/skeleton-init-sysv/skeleton/etc/fstab b/package/skeleton-init-sysv/skeleton/etc/fstab index 169054b74f..06c20fe9d5 100644 --- a/package/skeleton-init-sysv/skeleton/etc/fstab +++ b/package/skeleton-init-sysv/skeleton/etc/fstab @@ -2,7 +2,7 @@ /dev/root / ext2 rw,noauto 0 1 proc /proc proc defaults 0 0 devpts /dev/pts devpts defaults,gid=5,mode=620,ptmxmode=0666 0 0 -tmpfs /dev/shm tmpfs mode=0777 0 0 +tmpfs /dev/shm tmpfs mode=1777 0 0 tmpfs /tmp tmpfs mode=1777 0 0 tmpfs /run tmpfs mode=0755,nosuid,nodev 0 0 sysfs /sys sysfs defaults 0 0
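Review bot: the one-character change from `mode=0777` to `mode=1777` on the `/dev/shm` line is the minimal correct fix and now matches the `/tmp` entry directly below it, so unlink and rename in `/dev/shm` are restricted to the file owner (and the directory owner) as the commit message intends. One follow-up worth raising separately: the `/run` entry in the same context carries `nosuid,nodev`, while neither world-writable tmpfs (`/dev/shm`, `/tmp`) does; whether those mounts should also get `nosuid,nodev` is an independent hardening question and should not block this patch.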
/dev/shm is a world-writable directory, like /tmp, and should also
have the sticky bit set. Without this, any user can delete and
replace another user's files in /dev/shm.

This bug has been present since /dev/shm was added to the skeleton
/etc/fstab, but appears to have been fixed for systems using systemd
by commit 76fc9275f14e "system: separate sysv and systemd parts of the
skeleton" which went into Buildroot 2017.08.

Signed-off-by: Ben Hutchings <ben.hutchings@mind.be>
Fixes: 22fde22e35f98f7830c2f8955465532328348cd1
---
 package/skeleton-init-sysv/skeleton/etc/fstab | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
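The class of defect the commit message describes (a world-writable tmpfs mounted without the sticky bit, CWE-276 in the CVE request above) is easy to check for mechanically in a skeleton or a deployed rootfs. The following is an added example, not code from the patch or the Buildroot tree: a POSIX sh/awk audit that parses an fstab, flags every tmpfs entry whose `mode=` grants write to "other" but lacks the sticky bit, and can emit a corrected copy. The function names (`audit_fstab`, `fix_fstab`, `sample_fstab`) and the sample fstab are constructed for this example; the sample mirrors the skeleton's pre-fix state shown in the hunk. Entries with no `mode=` are left alone, since tmpfs defaults to 1777.

```shell
#!/bin/sh
# Added example (not part of the Buildroot patch or thread).
# Audits /etc/fstab-style input for tmpfs mounts that are world-writable
# but not sticky, the defect fixed by the patch above. POSIX sh + awk only.

# Shared awk program. action=audit prints "<mountpoint> mode=<mode>" per
# offending entry and exits 1 if any were found; action=fix prints the
# whole file with the sticky bit added to those entries.
_fstab_awk='
/^[[:space:]]*#/ || /^[[:space:]]*$/ { if (action == "fix") print; next }
$3 == "tmpfs" {
    n = split($4, opts, ","); mode = ""; mi = 0
    for (i = 1; i <= n; i++)
        if (opts[i] ~ /^mode=/) { mode = substr(opts[i], 6); mi = i }
    # no mode= given: tmpfs defaults to 1777, nothing to flag
    if (mode != "") {
        # normalise to exactly four octal digits ("777" -> "0777", "01777" -> "1777")
        while (length(mode) > 4 && substr(mode, 1, 1) == "0") mode = substr(mode, 2)
        while (length(mode) < 4) mode = "0" mode
        special = substr(mode, 1, 1)   # setuid/setgid/sticky digit
        other   = substr(mode, 4, 1)   # permissions for "other"
        # write bit set for other (2,3,6,7) and sticky bit clear (not 1,3,5,7)
        if (index("2367", other) && !index("1357", special)) {
            bad = 1
            if (action == "audit") {
                print $2 " mode=" mode
            } else {
                # fix: set the sticky bit, keep the remaining digits and options
                opts[mi] = "mode=1" substr(mode, 2)
                s = opts[1]
                for (i = 2; i <= n; i++) s = s "," opts[i]
                $4 = s
            }
        }
    }
}
action == "fix" { print }
END { exit (action == "audit" && bad) ? 1 : 0 }
'

# audit_fstab FILE : list offending entries, exit 1 if any
audit_fstab() { awk -v action=audit "$_fstab_awk" "$1"; }

# fix_fstab FILE : print FILE with offending entries corrected
fix_fstab() { awk -v action=fix "$_fstab_awk" "$1"; }

# sample_fstab FILE : write a constructed fstab mirroring the pre-fix skeleton
sample_fstab() {
    cat >"$1" <<'EOF'
# constructed sample: skeleton fstab before the sticky-bit fix
/dev/root / ext2 rw,noauto 0 1
proc /proc proc defaults 0 0
devpts /dev/pts devpts defaults,gid=5,mode=620,ptmxmode=0666 0 0
tmpfs /dev/shm tmpfs mode=0777 0 0
tmpfs /tmp tmpfs mode=1777 0 0
tmpfs /run tmpfs mode=0755,nosuid,nodev 0 0
sysfs /sys sysfs defaults 0 0
EOF
}

# When run directly with a path, audit that file (e.g. a target's /etc/fstab).
if [ -n "${1:-}" ]; then
    audit_fstab "$1"
fi
```

Run as `sh audit_fstab.sh /path/to/rootfs/etc/fstab` in a build pipeline; a non-zero exit marks a rootfs that still ships the pre-2024-04-11 skeleton entry. On the sample input only `/dev/shm mode=0777` is reported: `/tmp` already has the sticky bit, `/run` is not other-writable, and the non-tmpfs lines are skipped.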