Date: Sat, 2 May 2015 05:54:33 +0200
From: Michael Scherer <misc@...b.org>
To: oss-security@...ts.openwall.com
Cc: security@...ible.com
Subject: CVE Request / Ansible: insecure permission on a directory when using spacewalk inventory

Hi,

Could a CVE be assigned for this problem:

The Ansible inventory script for spacewalk creates a file in the current directory with incorrect permissions due to an error in a chmod specification.

https://github.com/ansible/ansible/blob/devel/plugins/inventory/spacewalk.py#L63

In Python, os.chmod needs to be in octal, and 2755 is not octal. So in the end, we manage to have permissions like this: d-ws-w-rwt. And o+rw and u+s kinda sound bad.

The directory is created in $PWD if I read the code right, so that's likely the homedir of 1 admin. However, that's executed locally, or from a bastion, so there isn't much avenue to attack (even if shared shell servers still exist nowadays), and this requires using spacewalk.

I pushed a commit there:
https://github.com/mscherer/ansible/commit/251197f11de7c7a3c5d81141970dd8f2ef16c0ee

I will wait for a CVE to be assigned before fixing the commit message, and push a PR (because I am quite bothered when I cannot find the CVE in the commit message).

--
Michael Scherer
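The bug class reported above can be caught by static review. The following check is an added example, not part of the original message or of Ansible's code: it flags mode arguments written as decimal literals and shows the permission string each would actually produce on a directory. The sample source, `SAMPLE`, and the function names are constructed for illustration.

```python
import ast
import stat

# Constructed sample reproducing the bug class (decimal literal used as a
# file mode). This is NOT the Ansible script itself.
SAMPLE = '''
import os
os.mkdir(cache_dir)
os.chmod(cache_dir, 2775)
os.chmod(other_dir, 0o2775)
os.chmod(third_dir, 2755)
'''

# os functions whose second positional argument (or mode=) is a mode.
MODE_FUNCS = {"chmod", "fchmod", "lchmod", "mkdir", "makedirs"}


def dir_mode_string(mode):
    """Render permission bits the way `ls -ld` shows them for a directory."""
    return stat.filemode(stat.S_IFDIR | mode)


def find_decimal_modes(source):
    """Return sorted (line, literal, effective mode string) for every mode
    argument given as an integer literal without an 0o/0b/0x prefix."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call)
                and isinstance(node.func, ast.Attribute)
                and node.func.attr in MODE_FUNCS):
            continue
        args = list(node.args[1:2])
        args += [k.value for k in node.keywords if k.arg == "mode"]
        for arg in args:
            if isinstance(arg, ast.Constant) and type(arg.value) is int:
                text = ast.get_source_segment(source, arg)
                # 0..7 mean the same in decimal and octal, so skip them.
                if arg.value > 7 and not text.lower().startswith(("0o", "0b", "0x")):
                    findings.append((node.lineno, text, dir_mode_string(arg.value)))
    return sorted(findings)


if __name__ == "__main__":
    for line, literal, effective in find_decimal_modes(SAMPLE):
        print(f"line {line}: mode literal {literal} is decimal, yields {effective}")
    print("intended 0o2775 yields", dir_mode_string(0o2775))
```

For reference, decimal 2775 renders as the `d-ws-w-rwt` string quoted in the message, decimal 2755 as `d-ws----wt`, and octal `0o2775` as `drwxrwsr-x`.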