swapon: do not run execvp() calls when swapon is setuid binary

swapon(8) is not expected to be setuid binary, but if it is try to avoid obvious security vulnerability of executing user preferred mkswap file as someone else, such as root. Signed-off-by: Sami Kerola <kerolasa@iki.fi>
author: Sami Kerola 2016-02-02 14:40:10 +0100
committer: Karel Zak 2016-02-11 10:52:18 +0100
commit: 8843aa41a74b4d3b3dc69fee339d2e64cb5c778f (patch)
tree: c8329ac23296c2f028840ed36aa87ad20cc74a0c /sys-utils/swapon.c
parent: swapon: move function arguments to control structure (diff)
download: kernel-qcow2-util-linux-8843aa41a74b4d3b3dc69fee339d2e64cb5c778f.tar.gz
kernel-qcow2-util-linux-8843aa41a74b4d3b3dc69fee339d2e64cb5c778f.tar.xz
kernel-qcow2-util-linux-8843aa41a74b4d3b3dc69fee339d2e64cb5c778f.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/sys-utils/swapon.c b/sys-utils/swapon.c
index 5ad5cd1f3..be8f7718b 100644
--- a/sys-utils/swapon.c
+++ b/sys-utils/swapon.c
@@ -297,6 +297,10 @@ static int swap_reinitialize(struct swapon_ctl *ctl)
 	char const *cmd[7];
 	int idx=0;
 
+	if (geteuid() != getuid()) {
+		warnx(_("will not execute mkswap when swapon is setuid binary"));
+		return -1;
+	}
 	warnx(_("%s: reinitializing the swap."), ctl->device);
 
 	switch((pid=fork())) {
author	Sami Kerola	2016-02-02 14:40:10 +0100
committer	Karel Zak	2016-02-11 10:52:18 +0100
commit	8843aa41a74b4d3b3dc69fee339d2e64cb5c778f (patch)
tree	c8329ac23296c2f028840ed36aa87ad20cc74a0c /sys-utils/swapon.c
parent	swapon: move function arguments to control structure (diff)
download	kernel-qcow2-util-linux-8843aa41a74b4d3b3dc69fee339d2e64cb5c778f.tar.gz kernel-qcow2-util-linux-8843aa41a74b4d3b3dc69fee339d2e64cb5c778f.tar.xz kernel-qcow2-util-linux-8843aa41a74b4d3b3dc69fee339d2e64cb5c778f.zip