
Mailing List Archive: Varnish: Bugs

#1153: No privilege separation for cc-command

 

 



varnish-bugs at varnish-cache

Jun 12, 2012, 1:09 AM

Post #1 of 2
#1153: No privilege separation for cc-command

#1153: No privilege separation for cc-command
----------------------+-----------------------------------------------------
Reporter: kristian | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: varnishd | Version: 3.0.2
Severity: normal | Keywords:
----------------------+-----------------------------------------------------
In short:

{{{
param.set cc_command "id >> /tmp/bad_guy_was_here; exec gcc -std=gnu99 -g -O2 -pthread -fpic -shared -Wl,-x -o %o %s "
}}}

leads to:

{{{
root@vac-agen:/etc# cat /tmp/bad_guy_was_here
uid=0(root) gid=0(root) groups=0(root)
uid=0(root) gid=0(root) groups=0(root)
uid=0(root) gid=0(root) groups=0(root)
uid=0(root) gid=0(root) groups=0(root)
}}}

The issue being that it's run as root, not that it works.

Not confirmed on master yet.

--
Ticket URL: <https://www.varnish-cache.org/trac/ticket/1153>
Varnish <https://varnish-cache.org/>
The Varnish HTTP Accelerator

_______________________________________________
varnish-bugs mailing list
varnish-bugs [at] varnish-cache
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-bugs


varnish-bugs at varnish-cache

Jun 13, 2012, 1:03 AM

Post #2 of 2
Re: #1153: No privilege separation for cc-command

#1153: No privilege separation for cc-command
----------------------+-----------------------------------------------------
Reporter: kristian | Owner:
Type: defect | Status: closed
Priority: normal | Milestone:
Component: varnishd | Version: 3.0.2
Severity: normal | Resolution: fixed
Keywords: |
----------------------+-----------------------------------------------------
Changes (by Poul-Henning Kamp <phk@…>):

* status: new => closed
* resolution: => fixed


Comment:

(In [b7175b38ad96ae57888e930a12cb88e33005178e]) Priv-sep vcc and cc also.

Fixes #1153

--
Ticket URL: <https://www.varnish-cache.org/trac/ticket/1153#comment:1>
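
The kind of privilege separation the ticket title asks for, as an added example that is not taken from the thread or from Varnish's source: a forked child drops root irreversibly before a configurable command string reaches the shell, and refuses to run the command if the drop fails. The helper name `run_unprivileged` and the uid/gid 65534 are assumptions made for the illustration.

```c
#define _DEFAULT_SOURCE          /* for setgroups() on glibc */
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper (not Varnish code): run `cmd` through /bin/sh in a
 * child that has dropped root first. Returns the command's exit status,
 * 126 if privileges could not be dropped, -1 on fork/wait failure. */
int run_unprivileged(const char *cmd, uid_t uid, gid_t gid)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (geteuid() == 0) {
            /* Order matters: supplementary groups and gid first, uid last,
             * because once the uid is gone the others cannot be changed. */
            if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
                _exit(126);
            /* Fail closed if root can still be regained. */
            if (setuid(0) == 0 || geteuid() == 0)
                _exit(126);
        }
        execl("/bin/sh", "sh", "-c", cmd, (char *)NULL);
        _exit(127);              /* exec itself failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed stand-in for a compiler command line; 65534 is assumed
     * to be an unprivileged uid/gid ("nobody" on many systems). */
    int rc = run_unprivileged("id", 65534, 65534);
    printf("exit status: %d\n", rc);
    return rc == 0 ? 0 : 1;
}
```

Every return value of the `set*id` calls is checked because an unchecked failure leaves the child running the command with its original privileges.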
