svn commit: r338165 - head/usr.sbin/newsyslog

Conrad Meyer cem at FreeBSD.org
Tue Aug 21 23:12:47 UTC 2018 

Author: cem
Date: Tue Aug 21 23:12:46 2018
New Revision: 338165
URL: https://svnweb.freebsd.org/changeset/base/338165

Log:
  newsyslog(8): Reject configurations that specify setuid or executable logs
  
  Prevent some classes of foot-shooting that may result in permissions
  problems.
  
  Reviewed by:	dab, delphij, vangyzen (earlier version)
  Relnotes:	yes (behavior change)
  Sponsored by:	Dell EMC Isilon
  Differential Revision:	D16831

Modified:
  head/usr.sbin/newsyslog/newsyslog.c
  head/usr.sbin/newsyslog/newsyslog.conf.5

Modified: head/usr.sbin/newsyslog/newsyslog.c
==============================================================================
--- head/usr.sbin/newsyslog/newsyslog.c	Tue Aug 21 23:11:26 2018	(r338164)
+++ head/usr.sbin/newsyslog/newsyslog.c	Tue Aug 21 23:12:46 2018	(r338165)
@@ -1193,6 +1193,12 @@ parse_file(FILE *cf, struct cflist *work_p, struct cfl
 		if (!sscanf(q, "%o", &working->permissions))
 			errx(1, "error in config file; bad permissions:\n%s",
 			    errline);
+		if ((working->permissions & ~DEFFILEMODE) != 0) {
+			warnx("File mode bits 0%o changed to 0%o in line:\n%s",
+			    working->permissions,
+			    working->permissions & DEFFILEMODE, errline);
+			working->permissions &= DEFFILEMODE;
+		}
 
 		q = parse = missing_field(sob(parse + 1), errline);
 		parse = son(parse);

Modified: head/usr.sbin/newsyslog/newsyslog.conf.5
==============================================================================
--- head/usr.sbin/newsyslog/newsyslog.conf.5	Tue Aug 21 23:11:26 2018	(r338164)
+++ head/usr.sbin/newsyslog/newsyslog.conf.5	Tue Aug 21 23:12:46 2018	(r338165)
@@ -21,7 +21,7 @@
 .\" the suitability of this software for any purpose.  It is
 .\" provided "as is" without express or implied warranty.
 .\"
-.Dd January 15, 2018
+.Dd August 21, 2018
 .Dt NEWSYSLOG.CONF 5
 .Os
 .Sh NAME
@@ -96,6 +96,11 @@ or
 .Pa /etc/group .
 .It Ar mode
 Specify the file mode of the log file and archives.
+Valid mode bits are
+.Dv 0666 .
+(That is, read and write permissions for the rotated log may be specified for
+the owner, group, and others.)
+All other mode bits are ignored.
 .It Ar count
 Specify the maximum number of archive files which may exist.
 This does not consider the current log file.

More information about the svn-src-head mailing list