alpine 3.6
access weakness #499

1

Weakness Breakdown


Definition:

An access weakness occurs when software does not properly implement permissions that could have unintended consequences if exploited by malicious actors. An example of this weakness is when a default username and password are set by the developer but do not get changed by the system administrator.

Warning code(s):

Ensure that umask is given most restrictive possible setting.

File Name:

gdnsd/src/gdnsd-1.11.5/gdnsd/libgdnsd/libdmn/dmn_daemon.c

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.6 access weakness.

         dmn_log_fatal("close() of status pipe read-side failed in first child: %s", dmn_strerror(errno));

    // setsid() and ignore HUP/PIPE before the second fork
    if(setsid() == -1) dmn_log_fatal("setsid() failed: %s", dmn_strerror(errno));
    struct sigaction sa;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;
    sa.sa_handler = SIG_IGN;

    if(sigaction(SIGHUP, &sa, NULL))
        dmn_log_fatal("sigaction to ignore SIGHUP failed: %s", dmn_strerror(errno));

    if(sigaction(SIGPIPE, &sa, NULL))
        dmn_log_fatal("sigaction to ignore SIGPIPE failed: %s", dmn_strerror(errno));

    // Fork again.  This time the intermediate parent exits immediately.
    const pid_t second_fork_pid = fork();
    if(second_fork_pid == -1)
        dmn_log_fatal("fork() failed: %s", dmn_strerror(errno));
    if(second_fork_pid) // intermediate parent proc
        _exit(0);

    // we're now in the final child daemon

    umask(022);

    const pid_t pid = startup_pidrace(pidfile, restart);

    if(!freopen("/dev/null", "r", stdin))
        dmn_log_fatal("Cannot open /dev/null: %s", dmn_strerror(errno));
    if(!freopen("/dev/null", "w", stdout))
        dmn_log_fatal("Cannot open /dev/null: %s", dmn_strerror(errno));
    if(!freopen("/dev/null", "r+", stderr))
        dmn_log_fatal("Cannot open /dev/null: %s", dmn_strerror(errno));
    dmn_log_info("Daemonized, final pid is %li", (long)pid);

    // track fd for later dmn_daemonize_finish()
    status_finish_fd = statuspipe[1];
}

void dmn_daemonize_finish(void) {
    dmn_assert(status_finish_fd != -1);

    // inform original parent of our success, but if for some reason
    //   it died before we could do so, carry on anyways...
    errno = 0;
    char successchar = '$ ';
    if(1 != write(status_finish_fd, &successchar, 1))
        dmn_log_err("Bug? failed to notify parent of daemonization success! Errno was %s", dmn_strerror(errno));
    close(status_finish_fd); 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.