
List:       oss-security
Subject:    [oss-security] Buildroot: incorrect permissions on /dev/shm
From:       Ben Hutchings <ben.hutchings () essensium ! com>
Date:       2024-04-11 15:31:00
Message-ID: ZhgCNMQXfxPXuqvs () cephalopod

Buildroot is a Linux distribution and system builder for embedded
systems.  Starting in Buildroot 2011.08, its default /etc/fstab
included an entry for /dev/shm with incorrect permissions (sticky bit
not set). (CWE-276)

Buildroot 2017.08 removed this entry for systems using systemd, and it
has never been included for systems using OpenRC.  So this only
affects Buildroot-built systems that use sysvinit, and some older
systems that use systemd.

Ben.

On Thu, Apr 11, 2024 at 05:20:16PM +0200, Ben Hutchings wrote:
> /dev/shm is a world-writable directory, like /tmp, and should also
> have the sticky bit set.  Without this, any user can delete and
> replace another user's files in /dev/shm.
> 
> This bug has been present since /dev/shm was added to the skeleton
> /etc/fstab, but appears to have been fixed for systems using systemd
> by commit 76fc9275f14e "system: separate sysv and systemd parts of the
> skeleton" which went into Buildroot 2017.08.
> 
> Signed-off-by: Ben Hutchings <ben.hutchings@mind.be>
> Fixes: 22fde22e35f98f7830c2f8955465532328348cd1
> ---
>  package/skeleton-init-sysv/skeleton/etc/fstab | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/package/skeleton-init-sysv/skeleton/etc/fstab b/package/skeleton-init-sysv/skeleton/etc/fstab
> index 169054b74f..06c20fe9d5 100644
> --- a/package/skeleton-init-sysv/skeleton/etc/fstab
> +++ b/package/skeleton-init-sysv/skeleton/etc/fstab
> @@ -2,7 +2,7 @@
>  /dev/root	/		ext2	rw,noauto	0	1
>  proc		/proc		proc	defaults	0	0
>  devpts		/dev/pts	devpts	defaults,gid=5,mode=620,ptmxmode=0666	0	0
> -tmpfs		/dev/shm	tmpfs	mode=0777	0	0
> +tmpfs		/dev/shm	tmpfs	mode=1777	0	0
>  tmpfs		/tmp		tmpfs	mode=1777	0	0
>  tmpfs		/run		tmpfs	mode=0755,nosuid,nodev	0	0
>  sysfs		/sys		sysfs	defaults	0	0
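Review bot: the /dev/shm line (and the /tmp line two below it) still mounts without `nosuid,nodev`, unlike the /run line in this same hunk; the 0777 -> 1777 change is the right fix for the missing sticky bit (CWE-276) and matches /tmp, but a follow-up could make the world-writable tmpfs mounts consistent with /run, e.g. `tmpfs /dev/shm tmpfs mode=1777,nosuid,nodev 0 0`, so they cannot host setuid binaries or device nodes. The commit message correctly scopes the change to the sysv skeleton, since the systemd skeleton dropped this entry in 2017.08.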
> -- 
> 2.39.2
> 

-- 
Ben Hutchings · Senior Embedded Software Engineer, Essensium-Mind · mind.be
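As an added example (not part of the original post or of Buildroot), the following Python script audits an fstab the way a build-time check for this bug class could: it parses each entry's `mode=` option and reports mounts that are world-writable but lack the sticky bit. The sample fstab is constructed to mirror the pre-fix sysvinit skeleton quoted above.

```python
"""Audit an fstab for world-writable mounts missing the sticky bit (CWE-276)."""
from typing import Dict, List, Optional

# Constructed sample mirroring the pre-fix Buildroot sysvinit skeleton fstab.
SAMPLE_FSTAB = """\
# <file system>\t<mount pt>\t<type>\t<options>\t<dump>\t<pass>
/dev/root\t/\t\text2\trw,noauto\t0\t1
proc\t\t/proc\t\tproc\tdefaults\t0\t0
devpts\t\t/dev/pts\tdevpts\tdefaults,gid=5,mode=620,ptmxmode=0666\t0\t0
tmpfs\t\t/dev/shm\ttmpfs\tmode=0777\t0\t0
tmpfs\t\t/tmp\t\ttmpfs\tmode=1777\t0\t0
tmpfs\t\t/run\t\ttmpfs\tmode=0755,nosuid,nodev\t0\t0
sysfs\t\t/sys\t\tsysfs\tdefaults\t0\t0
"""


def parse_fstab(text: str) -> List[Dict[str, str]]:
    """Return one dict per non-comment fstab line (fs, mountpoint, type, options)."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 4:  # malformed line; skip rather than guess
            continue
        entries.append({"fs": fields[0], "mountpoint": fields[1],
                        "type": fields[2], "options": fields[3]})
    return entries


def mount_mode(options: str) -> Optional[int]:
    """Extract the octal mode= mount option, or None if the entry has none."""
    for opt in options.split(","):
        if opt.startswith("mode="):
            return int(opt[len("mode="):], 8)
    return None


def find_missing_sticky(text: str) -> List[str]:
    """Mount points whose mode= grants world write (o+w) without the sticky bit (01000)."""
    bad = []
    for entry in parse_fstab(text):
        mode = mount_mode(entry["options"])
        if mode is None:
            continue
        if (mode & 0o002) and not (mode & 0o1000):
            bad.append(entry["mountpoint"])
    return bad


if __name__ == "__main__":
    for mountpoint in find_missing_sticky(SAMPLE_FSTAB):
        print(f"{mountpoint}: world-writable without sticky bit; use mode=1777")
```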