fedora 24
access weakness #43

4

Weakness Breakdown


Definition:

An access weakness occurs when software does not properly implement permissions that could have unintended consequences if exploited by malicious actors. An example of this weakness is when a default username and password are set by the developer but do not get changed by the system administrator.

Warning code(s):

If this call fails, the program could fail to drop heightened privileges.

File Name:

wine-mono-4.6.4/mono/mono/io-layer/security.c

Context:

The highlighted line of code below is the trigger point of this particular Fedora 24 access weakness.

 /*
 * security.c:  Security
 *
 * Author:
 *	Sebastien Pouliot  <sebastien@ximian.com>
 *
 * (C) 2004 Novell (http://www.novell.com)
 */

#include <config.h>
#include <mono/io-layer/io-layer.h>

#ifdef HAVE_PWD_H
#include <pwd.h>
#endif

#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>

gboolean 
ImpersonateLoggedOnUser (gpointer handle)
{
	uid_t token = (uid_t) GPOINTER_TO_INT (handle);
#ifdef HAVE_SETRESUID
	if (setresuid (-1, token, getuid ()) < 0)
		return FALSE;
#endif
	return (geteuid () == token);
}


gboolean RevertToSelf (void)
{
#ifdef HAVE_GETRESUID
	uid_t ruid, euid;
#endif
	uid_t suid = -1;

#ifdef HAVE_GETRESUID
	if (getresuid (&ruid, &euid, &suid) < 0)
		return FALSE;
#endif
#ifdef HAVE_SETRESUID
	if (setresuid (-1, suid, -1) < 0)
		return FALSE;
#else
	return TRUE;
#endif 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.