[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [PATCH master f14-branch] (take 2) Fix permissions of wepkey file to 0600 (#636099)



On Thu, 2010-10-07 at 17:44 +0200, Radek Vykydal wrote:
> I forgot to fix stage 1 in take 1 of the patch.
> As it may be security issue, and it is well isolated, I'd like
> to pull it in F14 too. Tested to build, I think I'll be able to test
> the functionality too (tomorrow).

If you want it in F14, set the bug to block F14Blocker, along with a
brief case for why your bug should be a blocker. There's a meeting on
Friday to discuss blockers, and a good chance this will qualify for a
"nice to have".

Dave

> 
> ---
>  loader/net.c          |    7 ++++++-
>  pyanaconda/network.py |    2 +-
>  2 files changed, 7 insertions(+), 2 deletions(-)
> 
> diff --git a/loader/net.c b/loader/net.c
> index 1f0c2a9..6992b3b 100644
> --- a/loader/net.c
> +++ b/loader/net.c
> @@ -1521,13 +1521,18 @@ int writeEnabledNetInfo(iface_t *iface) {
>  
>          fprintf(fp, "KEY1=%s\n", iface->wepkey);
>  
> -
>          if (fclose(fp) == EOF) {
>              free(ofile);
>              free(nfile);
>              return 24;
>          }
>  
> +        if (chmod(ofile, S_IRUSR | S_IWUSR) == -1) {
> +            free(ofile);
> +            free(nfile);
> +            return 26;
> +        }
> +
>          if (rename(ofile, nfile) == -1) {
>              free(ofile);
>              free(nfile);
> diff --git a/pyanaconda/network.py b/pyanaconda/network.py
> index 9c77c9d..9c16041 100644
> --- a/pyanaconda/network.py
> +++ b/pyanaconda/network.py
> @@ -278,7 +278,7 @@ class NetworkDevice(IfcfgFile):
>          os.write(fd, "KEY1=%s\n" % self.wepkey)
>          os.close(fd)
>  
> -        os.chmod(newifcfg, 0644)
> +        os.chmod(newifcfg, 0600)
>          try:
>              os.remove(keyfile)
>          except OSError as e:



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]