From: "Daniel P. Berrange" <berrange@xxxxxxxxxx> The following series of patches have been pushed to master as a fix for CVE-2013-4400. The first four patches are the core fix. The remaining 10 patches are preventative measures to help avoid further problems in the future. I will be pushing at least the first 4 patches to stable branches and any of the further patches if I find they apply without merge problems. Daniel P. Berrange (14): Add helpers for getting env vars in a setuid environment Only allow 'stderr' log output when running setuid (CVE-2013-4400) Close all non-stdio FDs in virt-login-shell (CVE-2013-4400) Don't link virt-login-shell against libvirt.so (CVE-2013-4400) Set a sane $PATH for virt-login-shell Make virCommand env handling robust in setuid env Remove all direct use of getenv Block all use of getenv with syntax-check Only allow the UNIX transport in remote driver when setuid Don't allow remote driver daemon autostart when running setuid Add stub getegid impl for platforms lacking it Remove (nearly) all use of getuid()/getgid() Block all use of libvirt.so in setuid programs Move virt-login-shell into libvirt-login-shell sub-RPM Makefile.am | 1 + bootstrap.conf | 1 + cfg.mk | 8 ++++ config-post.h | 44 ++++++++++++++++++ configure.ac | 1 + daemon/Makefile.am | 1 + daemon/libvirtd.c | 2 +- examples/domain-events/events-c/Makefile.am | 3 +- examples/hellolibvirt/Makefile.am | 2 +- examples/openauth/Makefile.am | 2 +- gnulib/lib/Makefile.am | 2 +- libvirt.spec.in | 28 +++++++---- python/Makefile.am | 1 + src/Makefile.am | 72 +++++++++++++++++++++++++++++ src/driver.c | 3 +- src/libvirt.c | 54 +++++++++++++++------- src/libvirt_private.syms | 6 ++- src/locking/lock_daemon.c | 6 +-- src/locking/lock_driver_lockd.c | 6 +-- src/locking/lock_manager.c | 2 +- src/lxc/lxc_controller.c | 2 +- src/lxc/lxc_driver.c | 4 +- src/lxc/lxc_process.c | 2 +- src/qemu/qemu_command.c | 8 ++-- src/qemu/qemu_driver.c | 6 +-- src/remote/remote_driver.c | 37 +++++++++++---- src/rpc/virnetsocket.c | 16 +++---- src/rpc/virnettlscontext.c | 4 +- src/storage/storage_backend.c | 4 +- src/storage/storage_backend_fs.c | 4 +- src/storage/storage_backend_logical.c | 2 +- src/util/virauth.c | 2 +- src/util/vircommand.c | 50 +++++++++++++++----- src/util/vircommand.h | 8 +++- src/util/virfile.c | 23 +++++---- src/util/viridentity.c | 8 ++-- src/util/virlog.c | 18 ++++++-- src/util/virrandom.c | 2 +- src/util/virstoragefile.c | 2 +- src/util/virutil.c | 47 +++++++++++++++++-- src/util/virutil.h | 8 ++++ src/vbox/vbox_XPCOMCGlue.c | 2 +- src/vbox/vbox_driver.c | 2 +- src/vbox/vbox_tmpl.c | 6 +-- tests/commandtest.c | 8 ++-- tests/qemumonitortestutils.c | 2 +- tests/virnetsockettest.c | 4 +- tools/Makefile.am | 9 +++- tools/virsh.c | 18 ++++---- tools/virt-login-shell.c | 14 ++++++ 50 files changed, 430 insertions(+), 137 deletions(-) create mode 100644 config-post.h -- 1.8.3.1 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list