82a6b7b258
Fix CVE-2020-24332, CVE-2020-24330 and CVE-2020-24331.
20 lines
774 B
Diff
20 lines
774 B
Diff
diff -ur trousers-0.3.11.2.orig/src/tcsd/tcsd_conf.c trousers-0.3.11.2/src/tcsd/tcsd_conf.c
|
|
--- trousers-0.3.11.2.orig/src/tcsd/tcsd_conf.c 2013-07-12 18:27:37.000000000 +0200
|
|
+++ trousers-0.3.11.2/src/tcsd/tcsd_conf.c 2013-08-21 14:29:42.917231648 +0200
|
|
@@ -763,6 +763,7 @@
|
|
return TCSERR(TSS_E_INTERNAL_ERROR);
|
|
}
|
|
|
|
+#ifndef ALLOW_NON_TSS_CONFIG_FILE
|
|
/* make sure user/group TSS owns the conf file */
|
|
if (stat_buf.st_uid != 0 || grp->gr_gid != stat_buf.st_gid) {
|
|
LogError("TCSD config file (%s) must be user/group %s/%s", tcsd_config_file,
|
|
@@ -775,6 +776,7 @@
|
|
LogError("TCSD config file (%s) must be mode 0640", tcsd_config_file);
|
|
return TCSERR(TSS_E_INTERNAL_ERROR);
|
|
}
|
|
+#endif
|
|
#endif /* SOLARIS */
|
|
|
|
if ((f = fopen(tcsd_config_file, "r")) == NULL) {
|