From addbd293242b0b78aa54f054e6c1d249451f137d Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Wed, 25 May 2022 09:55:02 +0200 Subject: [PATCH] drop world-readable permission on state file ... even when ACLs are enabled. This is a follow-up to the fix of CVE-2022-1348. It has no impact on security but makes the state file locking work again in more cases. Closes: https://github.com/logrotate/logrotate/pull/446 --- logrotate.c | 10 +++++++--- test/test-0048.sh | 1 + 2 files changed, 8 insertions(+), 3 deletions(-) Index: logrotate-3.18.1/logrotate.c =================================================================== --- logrotate-3.18.1.orig/logrotate.c +++ logrotate-3.18.1/logrotate.c @@ -2514,6 +2514,7 @@ static int writeState(const char *stateF struct tm now; time_t now_time, last_time; char *prevCtx; + int force_mode = 0; localtime_r(&nowSecs, &now); @@ -2582,9 +2583,13 @@ static int writeState(const char *stateF close(fdcurr); /* drop world-readable flag to prevent others from locking */ - sb.st_mode &= ~(mode_t)S_IROTH; + if (sb.st_mode & (mode_t)S_IROTH) { + /* drop world-readable flag to prevent others from locking */ + sb.st_mode &= ~(mode_t)S_IROTH; + force_mode = 1; + } - fdsave = createOutputFile(tmpFilename, O_RDWR | O_CREAT | O_TRUNC, &sb, prev_acl, 0); + fdsave = createOutputFile(tmpFilename, O_RDWR | O_CREAT | O_TRUNC, &sb, prev_acl, force_mode); #ifdef WITH_ACL if (prev_acl) { acl_free(prev_acl); Index: logrotate-3.18.1/test/test-0048.sh =================================================================== --- logrotate-3.18.1.orig/test/test-0048.sh +++ logrotate-3.18.1/test/test-0048.sh @@ -18,6 +18,7 @@ cat > state << EOF logrotate state -- version 2 EOF +chmod 0640 state setfacl -m u:nobody:rwx state $RLR test-config.48