From fc1a78d8e9b958f3d65fe1c03494d785314f9816 Mon Sep 17 00:00:00 2001
From: Michael Vogt
Date: Wed, 11 Jun 2014 15:31:38 +0200
Subject: DropPrivs in the solvers (just to be on the safe side)
---
 apt-pkg/contrib/fileutl.h | 3 +++
 1 file changed, 3 insertions(+)
(limited to 'apt-pkg/contrib/fileutl.h')
diff --git a/apt-pkg/contrib/fileutl.h b/apt-pkg/contrib/fileutl.h
index cc1a98eae..683c04157 100644
--- a/apt-pkg/contrib/fileutl.h
+++ b/apt-pkg/contrib/fileutl.h
@@ -191,6 +191,9 @@ pid_t ExecFork(std::set keep_fds);
 void MergeKeepFdsFromConfiguration(std::set &keep_fds);
 bool ExecWait(pid_t Pid,const char *Name,bool Reap = false);
+// process releated
+bool DropPrivs();
+
 // File string manipulators
 std::string flNotDir(std::string File);
 std::string flNotFile(std::string File);
--
cgit v1.2.3
From ca7fd76c2f30c100dcf1c12e717ce397cccd690b Mon Sep 17 00:00:00 2001
From: Michael Vogt
Date: Tue, 16 Sep 2014 20:23:43 +0200
Subject: SECURITY UPDATE for CVE-2014-{0488,0487,0489}
incorrect invalidating of unauthenticated data (CVE-2014-0488)
incorect verification of 304 reply (CVE-2014-0487)
incorrect verification of Acquire::Gzip indexes (CVE-2014-0489)
---
 apt-pkg/contrib/fileutl.h | 2 ++
 1 file changed, 2 insertions(+)
(limited to 'apt-pkg/contrib/fileutl.h')
diff --git a/apt-pkg/contrib/fileutl.h b/apt-pkg/contrib/fileutl.h
index cc1a98eae..667057067 100644
--- a/apt-pkg/contrib/fileutl.h
+++ b/apt-pkg/contrib/fileutl.h
@@ -85,7 +85,9 @@ class FileFd
 bool Skip(unsigned long long To);
 bool Truncate(unsigned long long To);
 unsigned long long Tell();
+ // the size of the file content (compressed files will be uncompressed first)
 unsigned long long Size();
+ // the size of the file itself
 unsigned long long FileSize();
 time_t ModificationTime();
--
cgit v1.2.3
From 13a28d8549015d2b55fadef450bc56327b4ca7a2 Mon Sep 17 00:00:00 2001
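Review bot: In the `@@ -191,6 +191,9 @@` hunk, `bool DropPrivs();` reports failure only through a return value that the compiler lets callers discard, and a privilege drop that fails unnoticed leaves the process running with the privileges it started with. I would make the declaration must-check, e.g. `bool DropPrivs() __attribute__((warn_unused_result));` on GCC/Clang (or the project's own wrapper macro, if it has one), so an unchecked call becomes a build warning. The solver call sites named in the subject are not part of this path-limited view, so whether they test the result cannot be confirmed from here.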
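Review bot: In the `@@ -85,7 +85,9 @@` hunk, the new comments separate content size from on-disk size but leave out the failure contract: `Size()` and `FileSize()` both return `unsigned long long` with no error channel visible here, so a caller comparing the result with an expected size cannot tell a failed decompression from an empty file. I would extend the first comment along the lines of `// size of the uncompressed content (may require decompressing the file); returns <ERROR_VALUE> on failure`, with the placeholder filled in from the implementation, which is outside this view. The enclosing `class FileFd` starts and ends outside the hunk.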
From: Julian Andres Klode
Date: Wed, 24 Sep 2014 22:28:44 +0200
Subject: DropPrivs: Document what it does
Git-Dch: ignore
---
 apt-pkg/contrib/fileutl.h | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
(limited to 'apt-pkg/contrib/fileutl.h')
diff --git a/apt-pkg/contrib/fileutl.h b/apt-pkg/contrib/fileutl.h
index a8e255b86..9dd29eb9e 100644
--- a/apt-pkg/contrib/fileutl.h
+++ b/apt-pkg/contrib/fileutl.h
@@ -199,7 +199,17 @@ bool ExecWait(pid_t Pid,const char *Name,bool Reap = false);
 // check if the given file starts with a PGP cleartext signature
 bool StartsWithGPGClearTextSignature(std::string const &FileName);
-// process releated
+/**
+ * \brief Drop privileges
+ *
+ * Drop the privileges to the user _apt (or the one specified in
+ * APT::Sandbox::User). This does not set the supplementary group
+ * ids up correctly, it only uses the default group. Also prevent
+ * the process from gaining any new privileges afterwards, at least
+ * on Linux.
+ *
+ * \return true on success, false on failure with _error set
+ */
 bool DropPrivs();
 // File string manipulators
--
cgit v1.2.3
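Review bot: The sentence "This does not set the supplementary group ids up correctly, it only uses the default group" in the new doc block is ambiguous on the one point a reader auditing the sandbox needs: it does not say whether the groups inherited from the privileged parent are cleared or left in place, and those two cases have very different consequences. If the implementation (not in this view) replaces the list, say so directly, e.g. `The supplementary group list is replaced by the target user's default group only; the user's other groups are not applied.` I would also turn "at least on Linux" into a statement of what is and is not guaranteed on other platforms. The `\return` line could add that after a `false` result the caller must not go on to handle untrusted data.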