[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] Hurd branch, master, updated. v0.9.git20211230-7-ga179160d

From: Samuel Thibault
Subject: [SCM] Hurd branch, master, updated. v0.9.git20211230-7-ga179160d
Date: Mon, 3 Jan 2022 19:11:08 -0500 (EST)

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Hurd".

The branch, master has been updated
       via  a179160d41424813a2cf07ab554180804ae14fdf (commit)
      from  a8d51bf0ce26fd26e00338540857f43b8a99e126 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit a179160d41424813a2cf07ab554180804ae14fdf
Author: Samuel Thibault <>
Date:   Sun Jan 2 01:23:27 2022 +0100

    Fix leaking auth ports
    We need to be extremely careful with auth ports since leaking them into
    subprocesses may expose a root-auth port to non-root processes.
    Notably, get_nonsugid_ids was caching it, thus preventing glibc's exec
    implementation from dropping it. Login is also reimplementing hurdexec
    but without all the cloexec logic.
    This commit fixes various auth leaks.


Summary of changes:
 libfshelp/fetch-root.c       |  3 +++
 libshouldbeinlibc/nullauth.c |  4 +++-
 utils/login.c                | 28 ++++++++++++++++++++++++----
 utils/nonsugid.c             |  6 +++---
 utils/shd.c                  |  5 ++++-
 utils/x.c                    |  4 +++-
 6 files changed, 40 insertions(+), 10 deletions(-)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]