Re: [Bug 830850] Re: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group
Sure, no problem, Martin. Thanks! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/830850 Title: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/830850/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 830850] Re: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group
This bug was fixed in the package ecryptfs-utils - 91-0ubuntu1 --- ecryptfs-utils (91-0ubuntu1) oneiric; urgency=low [ Diego E. "Flameeyes" Pettenò ] * configure.ac: - fix reliance on nss-config, which hinders cross-compilation [ Marc Deslauriers ] * src/utils/mount.ecryptfs_private.c: * SECURITY UPDATE: wrong mtab ownership and permissions (LP: #830850) - debian/patches/CVE-2011-3145.patch: also set gid and umask before updating mtab in src/utils/mount.ecryptfs_private.c. - CVE-2011-3145 -- Dustin KirklandWed, 31 Aug 2011 16:44:22 -0500 ** Changed in: ecryptfs-utils (Ubuntu Oneiric) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/830850 Title: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/830850/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 830850] Re: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group
I'm afraid we can't afford yet another respin, the release is today. But as this was fixed in stables, I suppose it can also be fixed with an update in oneiric. Moving milestone. ** Changed in: ecryptfs-utils (Ubuntu Oneiric) Milestone: ubuntu-11.10-beta-1 => ubuntu-11.10-beta-2 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/830850 Title: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/830850/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 830850] Re: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group
** Also affects: ecryptfs-utils (Ubuntu Oneiric) Importance: High Assignee: Marc Deslauriers (mdeslaur) Status: Fix Released ** Changed in: ecryptfs-utils (Ubuntu Oneiric) Milestone: None => oneiric-updates ** Changed in: ecryptfs-utils (Ubuntu Oneiric) Milestone: oneiric-updates => ubuntu-11.10-beta-1 ** Changed in: ecryptfs-utils (Ubuntu Oneiric) Status: Fix Released => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/830850 Title: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/830850/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 830850] Re: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group
Something is also creating /etc/mtab.fuselock with incorrect group. It doesn't always happen simultaneously though as on my system I found that /etc/mtab and /etc/mtab.fuselock had two different gropus (both incorrect). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/830850 Title: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/830850/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 830850] Re: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group
** Visibility changed to: Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/830850 Title: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/830850/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 830850] Re: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group
This bug was fixed in the package ecryptfs-utils - 87-0ubuntu1.2 --- ecryptfs-utils (87-0ubuntu1.2) natty-security; urgency=low * SECURITY UPDATE: wrong mtab ownership and permissions (LP: #830850) - debian/patches/CVE-2011-3145.patch: also set gid and umask before updating mtab in src/utils/mount.ecryptfs_private.c. - CVE-2011-3145 -- Marc DeslauriersMon, 22 Aug 2011 14:10:47 -0400 ** Changed in: ecryptfs-utils (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/830850 Title: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/830850/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 830850] Re: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group
Sigh. For the record, this issue existed prior to the recent fixes...sorry for missing it. Additionally, this by itself doesn't seem to be a vulnerability, since a mis-assigned group ID on mtab doesn't actually allow the unprivileged user to cross any privilege boundaries. But good catch, definitely a bug and worth fixing. The more problematic issue is that every setuid mount helper that doesn't explicitly set its umask prior to invoking setmntent() will create an mtab-like file that is potentially world-writable, opening a race window in the best-case scenario. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/830850 Title: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/830850/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 830850] Re: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group
Thanks for reporting this issue. We are working on a fix. ** Changed in: ecryptfs-utils (Ubuntu) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3145 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/830850 Title: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/830850/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 830850] Re: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group
** Changed in: ecryptfs-utils (Ubuntu) Status: New => Confirmed ** Changed in: ecryptfs-utils (Ubuntu) Importance: Undecided => High ** Visibility changed to: Private ** This bug has been flagged as a security vulnerability -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/830850 Title: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/830850/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 830850] Re: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/830850 Title: mount.ecrpytfs_private sets group owner of /etc/mtab to user's primary group To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/830850/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
