strange chkstat output...

strange chkstat output...

Mathias Homann-2
Hi,


sometimes when I use chkstat --system to correct permissions on my
system I get this output:


kumiko:~ # chkstat --system
bad permissions line NNTPSERVER=news:2

[normal chkstat output deleted]


To me that looks like a buffer overflow that makes chkstat treat the
shell environment as input. Any ideas how to fix / where to report?


Cheers

MH



--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]


Re: strange chkstat output...

Marcus Meissner
On Tue, Jul 04, 2017 at 10:58:38AM +0200, Mathias Homann wrote:

> Hi,
>
>
> sometimes when I use chkstat --system to correct permissions on my system I
> get this output:
>
>
> kumiko:~ # chkstat --system
> bad permissions line NNTPSERVER=news:2
>
> [normal chkstat output deleted]
>
>
> To me that looks like a buffer overflow that makes chkstat treat the shell
> environment as input. Any ideas how to fix / where to report?

One of the /etc/permissions files was modified incorrectly.

grep NNTPSERVER /etc/permissions*

Ciao, Marcus


Re: strange chkstat output...

Mathias Homann-2
On 04.07.2017 11:01, Marcus Meissner wrote:

> On Tue, Jul 04, 2017 at 10:58:38AM +0200, Mathias Homann wrote:
>> Hi,
>>
>>
>> sometimes when I use chkstat --system to correct permissions on my system I
>> get this output:
>>
>>
>> kumiko:~ # chkstat --system
>> bad permissions line NNTPSERVER=news:2
>>
>> [normal chkstat output deleted]
>>
>>
>> To me that looks like a buffer overflow that makes chkstat treat the shell
>> environment as input. Any ideas how to fix / where to report?
> One of the /etc/permissions files was modified incorrectly.
>
> grep NNTPSERVER /etc/permissions*
>

that was my first thought too, but that grep comes up empty. Also, it is
not always the same variable. If I add more permissions files to
/etc/permissions.d it changes.


cheers
MH


Re: strange chkstat output...

Marcus Meissner
On Tue, Jul 04, 2017 at 11:51:23AM +0200, Mathias Homann wrote:

> On 04.07.2017 11:01, Marcus Meissner wrote:
> > On Tue, Jul 04, 2017 at 10:58:38AM +0200, Mathias Homann wrote:
> >> Hi,
> >>
> >>
> >> sometimes when I use chkstat --system to correct permissions on my system I
> >> get this output:
> >>
> >>
> >> kumiko:~ # chkstat --system
> >> bad permissions line NNTPSERVER=news:2
> >>
> >> [normal chkstat output deleted]
> >>
> >>
> >> To me that looks like a buffer overflow that makes chkstat treat the shell
> >> environment as input. Any ideas how to fix / where to report?
> > One of the /etc/permissions files was modified incorrectly.
> >
> > grep NNTPSERVER /etc/permissions*
> >
>
> that was my first thought too, but that grep comes up empty. Also, it is
> not always the same variable. If I add more permissions files to
> /etc/permissions.d it changes.

Then it will likely be in /etc/sysconfig/security  ...

Ciao, Marcus


Re: strange chkstat output...

Mathias Homann-2


On 04.07.2017 12:46, Marcus Meissner wrote:

> On Tue, Jul 04, 2017 at 11:51:23AM +0200, Mathias Homann wrote:
>> On 04.07.2017 11:01, Marcus Meissner wrote:
>>> On Tue, Jul 04, 2017 at 10:58:38AM +0200, Mathias Homann wrote:
>>>> Hi,
>>>>
>>>>
>>>> sometimes when I use chkstat --system to correct permissions on my system I
>>>> get this output:
>>>>
>>>>
>>>> kumiko:~ # chkstat --system
>>>> bad permissions line NNTPSERVER=news:2
>>>>
>>>> [normal chkstat output deleted]
>>>>
>>>>
>>>> To me that looks like a buffer overflow that makes chkstat treat the shell
>>>> environment as input. Any ideas how to fix / where to report?
>>> One of the /etc/permissions files was modified incorrectly.
>>>
>>> grep NNTPSERVER /etc/permissions*
>>>
>> that was my first thought too, but that grep comes up empty. Also, it is
>> not always the same variable. If I add more permissions files to
>> /etc/permissions.d it changes.

found it. it WAS in fact something in one permissions file... but I
would still consider it a serious bug if a piece of software starts
parsing the shell environment as file when a configuration file has a LF
character at the end.

where do I file that?

cheers
MH






Re: strange chkstat output...

Bernhard Voelker
On 07/04/2017 12:57 PM, Mathias Homann wrote:
> found it. it WAS in fact something in one permissions file... but I
> would still consider it a serious bug if a piece of software starts
> parsing the shell environment as file when a configuration file has a LF
> character at the end.

probably it didn't parse the file ... but somehow dereferenced memory to an
entry in char**environ?

> where do I file that?

  $ rpm -qf `which chkstat`
  permissions-20170602-1.1.x86_64

Have a nice day,
Berny


Re: strange chkstat output...

Marcus Meissner
On Tue, Jul 04, 2017 at 01:14:27PM +0200, Bernhard Voelker wrote:

> On 07/04/2017 12:57 PM, Mathias Homann wrote:
> > found it. it WAS in fact something in one permissions file... but I
> > would still consider it a serious bug if a piece of software starts
> > parsing the shell environment as file when a configuration file has a LF
> > character at the end.
>
> probably it didn't parse the file ... but somehow dereferenced memory to an
> entry in char**environ?
>
> > where do I file that?
>
>   $ rpm -qf `which chkstat`
>   permissions-20170602-1.1.x86_64

From which file was the LF missing?

Can you open a bug and attach this corrupted file?

Ciao, Marcus


Re: strange chkstat output...

Mathias Homann-2
On Tuesday, 4 July 2017, 13:17:50 CEST, Marcus Meissner wrote:

> On Tue, Jul 04, 2017 at 01:14:27PM +0200, Bernhard Voelker wrote:
> > On 07/04/2017 12:57 PM, Mathias Homann wrote:
> > > found it. it WAS in fact something in one permissions file... but I
> > > would still consider it a serious bug if a piece of software starts
> > > parsing the shell environment as file when a configuration file has a LF
> > > character at the end.
> >
> > probably it didn't parse the file ... but somehow dereferenced memory to an
> > entry in char**environ?
> >
> > > where do I file that?
> > >
> >   $ rpm -qf `which chkstat`
> >   permissions-20170602-1.1.x86_64
>
> From which file was the LF missing?
>
> Can you open a bug and attach this corrupted file?
>
> Ciao, Marcus
Done.

https://bugzilla.opensuse.org/show_bug.cgi?id=1047247


--
gpg key fingerprint: 5F64 4C92 9B77 DE37 D184  C5F9 B013 44E7 27BD 763C
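
An added example, not part of the thread and not code from the permissions package: a shell function that checks one permissions file for the two things the discussion points at, the state of the file's last byte and lines that chkstat would not accept as entries. The entry shape `<path> <owner>:<group> <mode>` and the indented `+capabilities` lines are assumed from the stock /etc/permissions header; the function name and the sample files are constructed.

```shell
#!/bin/sh
# Lint one chkstat permissions file.
# Assumed entry format: <path> <owner>:<group> <octal mode>
# plus indented " +capabilities ..." continuation lines.

check_permissions_file() {
    f=$1
    rc=0
    # $(...) strips a trailing LF, so a non-empty result means the
    # last byte of the file is something other than a newline.
    if [ -n "$(tail -c 1 "$f")" ]; then
        echo "$f: no LF at end of file"
        rc=1
    fi
    # Print every line that is not blank, a comment, a capability
    # line, or a well-formed three-field entry.
    bad=$(awk '
        /^[ \t]*$/ || /^[ \t]*#/ { next }
        /^[ \t]+[+][a-z]+[ \t]/ { next }
        NF == 3 && $1 ~ /^\// && $2 ~ /^[^:]+:[^:]+$/ && $3 ~ /^[0-7]+$/ { next }
        { printf "%d: %s\n", NR, $0 }
    ' "$f")
    if [ -n "$bad" ]; then
        echo "$f: malformed line(s):"
        echo "$bad"
        rc=1
    fi
    return $rc
}

# Constructed sample files (not taken from the thread).
demo=$(mktemp -d)
printf '/usr/bin/foo root:root 4755\n' > "$demo/good"
printf '/usr/bin/foo root:root 4755\n/usr/bin/bar root:root' > "$demo/bad"
for f in "$demo"/*; do
    check_permissions_file "$f" || echo "-> fix $f before running chkstat"
done
rm -rf "$demo"
```

On a real system the function would be run over each file matched by /etc/permissions* and each file in /etc/permissions.d, the locations named in the thread.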
