GNU bug report logs - #37744
Insecure permissions on /var/guix/profiles/per-user (CVE-2019-18192)
Reported by: Ludovic Courtès <ludo <at> gnu.org>
Date: Mon, 14 Oct 2019 07:48:02 UTC
Severity: important
Tags: security
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
Message #72 received at 37744 <at> debbugs.gnu.org:
Tobias Geerinckx-Rice <me <at> tobias.gr> writes:
> Ludovic Courtès wrote:
>> diff --git a/nix/libstore/local-store.cc
>> b/nix/libstore/local-store.cc
>> index 3b08492c64..3793382361 100644
>> --- a/nix/libstore/local-store.cc
>> +++ b/nix/libstore/local-store.cc
>> @@ -88,8 +88,9 @@ LocalStore::LocalStore(bool reserveSpace)
>> Path perUserDir = profilesDir + "/per-user";
>> createDirs(perUserDir);
>> - if (chmod(perUserDir.c_str(), 01777) == -1)
>> - throw SysError(format("could not set permissions on
>> '%1%' to 1777") % perUserDir);
>> + if (chmod(perUserDir.c_str(), 0755) == -1)
>> + throw SysError(format("could not set permissions on
>> '%1%' to 755")
>> + % perUserDir);
>> mode_t perm = 01775;
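Review bot: The new chmod(perUserDir.c_str(), 0755) corrects the mode of the parent directory only; entries that were created under it while it was 01777 are left as they are, so a per-user/NAME directory not owned by NAME would survive this change. I'd add an ownership check on existing entries, or document the upgrade step, in the same patch. With 0755, only the owner of perUserDir can create entries, so a comment at the chmod should say which code now creates per-user/NAME on a user's behalf; this hunk does not show it. The unchanged context line "mode_t perm = 01775;" directly below would also benefit from a comment naming the directory it applies to, since it now sits next to a deliberately non-writable mode.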
>
> This is inside
>
> if (getuid() == 0 && settings.buildUsersGroup != "") {
> …
> }
>
> It's not clear to me why the second condition here is relevant, but I
> don't have the big picture. Nor do I suspect I want it.
Yeah ‘settings.buildUsersGroup != ""’ probably doesn’t make all that
much sense here but it was already there and we strongly discourage
against root without ‘--build-users-group’ anyway.
Thanks for having lynx eyes! :-)
Ludo’.
This bug report was last modified 5 years and 300 days ago.