alpine 3.6
access weakness #173

1

Weakness Breakdown


Definition:

An access weakness occurs when software does not properly implement permissions, which can have unintended consequences if exploited by malicious actors. An example of this weakness is a default username and password that are set by the developer but never changed by the system administrator.

Warning code(s):

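Ensure that umask is given the most restrictive possible setting. A umask of 0 clears the file mode creation mask, so every file or directory the process creates afterwards receives exactly the permission bits requested in the creating call, with none removed. For a daemon, a value such as 027 or 077 is the usual choice unless every file-creating call passes an explicit, restrictive mode.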

File Name:

radvd/src/radvd-2.15/radvd.c

Context:

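The highlighted line of code below is the trigger point of this particular Alpine 3.6 access weakness. The highlighting is not visible in this listing; the line in question is the `umask(0);` call, the only umask call in the excerpt and the one the warning above refers to. In the excerpt the PID file is written before this call, so the cleared mask applies to files the detached child creates afterwards.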

 	int pipe_ends[2];

	if (0 != pipe(pipe_ends)) {
		flog(LOG_ERR, "unable to create pipe: %s", strerror(errno));
		exit(-1);
	}

	pid_t pid = fork();

	if (-1 == pid) {
		flog(LOG_ERR, "unable to fork in daemonp");
		exit(-1);
	} else if (0 == pid) {
		/* Child process, detached.. */
		pid = getpid();
		close(pipe_ends[0]);
		if (0 != write_pid_file(daemon_pid_file_ident, pid)) {
			flog(LOG_ERR, "failure writing pid file");
			exit(-1);
		}
		if (sizeof(pid) != write(pipe_ends[1], &pid, sizeof(pid))) {
			flog(LOG_ERR, "failure piping pid to parent process");
		}

		umask(0);
		if (-1 == setsid()) {
			flog(LOG_ERR, "unable to become a session leader: %s", strerror(errno));
			exit(-1);
		}

		if (nochdir == 0) {
			if (chdir("/") == -1) {
				perror("chdir");
				exit(1);
			}
		}
		if (noclose == 0) {
			close(STDIN_FILENO);
			close(STDOUT_FILENO);
			close(STDERR_FILENO);
			if (open("/dev/null", O_RDONLY) == -1) {
				flog(LOG_ERR, "unable to redirect stdin to /dev/null");
				exit(-1);
			}
			if (open("/dev/null", O_WRONLY) == -1) {
				flog(LOG_ERR, "unable to redirect stdout to /dev/null");
				exit(-1);
			}
			if (open("/dev/null", O_RDWR) == -1) {
				flog(LOG_ERR, "unable to redirect stderr to /dev/null"); 
