Diffstat (limited to 'dev-python/pyxdg/files/sec-patch-CVE-2014-1624.patch')
-rw-r--r-- | dev-python/pyxdg/files/sec-patch-CVE-2014-1624.patch | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/dev-python/pyxdg/files/sec-patch-CVE-2014-1624.patch b/dev-python/pyxdg/files/sec-patch-CVE-2014-1624.patch
new file mode 100644
index 00000000000..d94c0a42bdd
--- /dev/null
+++ b/dev-python/pyxdg/files/sec-patch-CVE-2014-1624.patch
@@ -0,0 +1,54 @@
+Improve security of get_runtime_dir(strict=False)
+https://github.com/takluyver/pyxdg/commit/bd999c1c3fe7ee5f30ede2cf704cf03e400347b4
+diff --git a/xdg/BaseDirectory.py b/xdg/BaseDirectory.py
+index cececa3..a7c31b1 100644
+--- a/xdg/BaseDirectory.py
++++ b/xdg/BaseDirectory.py
+@@ -25,7 +25,7 @@
+ Note: see the rox.Options module for a higher-level API for managing options.
+ """
+ 
+-import os
++import os, stat
+ 
+ _home = os.path.expanduser('~')
+ xdg_data_home = os.environ.get('XDG_DATA_HOME') or \
+@@ -131,15 +131,30 @@ def get_runtime_dir(strict=True):
+ 
+ import getpass
+ fallback = '/tmp/pyxdg-runtime-dir-fallback-' + getpass.getuser()
++ create = False
++
+ try:
+- os.mkdir(fallback, 0o700)
++ # This must be a real directory, not a symlink, so attackers can't
++ # point it elsewhere. So we use lstat to check it.
++ st = os.lstat(fallback)
+ except OSError as e:
+ import errno
+- if e.errno == errno.EEXIST:
+- # Already exists - set 700 permissions again.
+- import stat
+- os.chmod(fallback, stat.S_IRUSR|stat.S_IWUSR|stat.S_IXUSR)
+- else: # pragma: no cover
++ if e.errno == errno.ENOENT:
++ create = True
++ else:
+ raise
+-
++ else:
++ # The fallback must be a directory
++ if not stat.S_ISDIR(st.st_mode):
++ os.unlink(fallback)
++ create = True
++ # Must be owned by the user and not accessible by anyone else
++ elif (st.st_uid != os.getuid()) \
++ or (st.st_mode & (stat.S_IRWXG | stat.S_IRWXO)):
++ os.rmdir(fallback)
++ create = True
++
++ if create:
++ os.mkdir(fallback, 0o700)
++
+ return fallback
+ |
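Review bot: The validation the embedded patch adds to get_runtime_dir (lstat, then unlink/rmdir of an unsuitable entry) is separated from the final `os.mkdir(fallback, 0o700)` by a window in which the path under the shared /tmp can be recreated by another local user; because the mkdir now sits outside the try block, that case surfaces as an uncaught OSError (EEXIST), and the same happens when unlink or rmdir hits an entry the current user cannot remove (for example EPERM or ENOTEMPTY). That is the right outcome — failing closed instead of returning a path the caller does not own — but nothing in the hunk says so, and a later maintainer could reinstate the removed EEXIST-then-chmod handling and reopen the hole. I would add above the mkdir: `# Deliberately unguarded: if the path reappears after the checks, EEXIST/EPERM must propagate rather than fall back to a directory we did not create.` A minor style point: `import os, stat` puts two imports on one line, contrary to PEP 8. get_runtime_dir's signature and its strict branch lie before the inner hunk, so the surrounding control flow is not visible here.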