about summary refs log tree commit diff
path: root/configure
diff options
context:
space:
mode:
authorCarlos O'Donell <carlos@redhat.com>2013-07-19 02:42:03 -0400
committerCarlos O'Donell <carlos@redhat.com>2013-07-21 15:39:55 -0400
commite4608715e6e1dd2adc91982fd151d5ba4f761d69 (patch)
tree04bc13d3736e14045f0f9fc37e0303a067f943cf /configure
parentda2d62df77de66e5de5755228759f8bc18481871 (diff)
downloadglibc-e4608715e6e1dd2adc91982fd151d5ba4f761d69.tar.gz
glibc-e4608715e6e1dd2adc91982fd151d5ba4f761d69.tar.xz
glibc-e4608715e6e1dd2adc91982fd151d5ba4f761d69.zip
CVE-2013-2207, BZ #15755: Disable pt_chown.
The helper binary pt_chown tricked into granting access to another
user's pseudo-terminal.

Pre-conditions for the attack:

 * Attacker with local user account
 * Kernel with FUSE support
 * "user_allow_other" in /etc/fuse.conf
 * Victim with allocated slave in /dev/pts

Using the setuid installed pt_chown and a weak check on whether a file
descriptor is a tty, an attacker could fake a pty check using FUSE and
trick pt_chown to grant ownership of a pty descriptor that the current
user does not own.  It cannot access /dev/pts/ptmx however.

In most modern distributions pt_chown is not needed because devpts
is enabled by default. The fix for this CVE is to disable building
and using pt_chown by default. We still provide a configure option
to enable hte use of pt_chown but distributions do so at their own
risk.
Diffstat (limited to 'configure')
-rwxr-xr-xconfigure16
1 files changed, 16 insertions, 0 deletions
diff --git a/configure b/configure
index 59a69f634f..1ee4c42003 100755
--- a/configure
+++ b/configure
@@ -647,6 +647,7 @@ multi_arch
 base_machine
 add_on_subdirs
 add_ons
+build_pt_chown
 build_nscd
 link_obsolete_rpc
 libc_cv_nss_crypt
@@ -756,6 +757,7 @@ enable_obsolete_rpc
 enable_systemtap
 enable_build_nscd
 enable_nscd
+enable_pt_chown
 with_cpu
 '
       ac_precious_vars='build_alias
@@ -1421,6 +1423,7 @@ Optional Features:
   --enable-systemtap      enable systemtap static probe points [default=no]
   --disable-build-nscd    disable building and installing the nscd daemon
   --disable-nscd          library functions will not contact the nscd daemon
+  --enable-pt_chown       Enable building and installing pt_chown
 
 Optional Packages:
   --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
@@ -3711,6 +3714,19 @@ else
 fi
 
 
+# Check whether --enable-pt_chown was given.
+if test "${enable_pt_chown+set}" = set; then :
+  enableval=$enable_pt_chown; build_pt_chown=$enableval
+else
+  build_pt_chown=no
+fi
+
+
+if test $build_pt_chown = yes; then
+  $as_echo "#define HAVE_PT_CHOWN 1" >>confdefs.h
+
+fi
+
 # The way shlib-versions is used to generate soversions.mk uses a
 # fairly simplistic model for name recognition that can't distinguish
 # i486-pc-linux-gnu fully from i486-pc-gnu.  So we mutate a $host_os