summaryrefslogtreecommitdiff
path: root/libpam/libpam.map
diff options
context:
space:
mode:
authorDmitry V. Levin <ldv@altlinux.org>2010-10-03 21:00:53 +0000
committerDmitry V. Levin <ldv@altlinux.org>2010-10-03 21:00:53 +0000
commit0b1055f64657dc0bf175f75c23470b2be7630451 (patch)
treef5957bb81fcfcf982d122c1d8ebdd4c81be9b73a /libpam/libpam.map
parentc388a2730d012b5101d264c83f8db586acd3a70c (diff)
Relevant BUGIDs:
Purpose of commit: bugfix Commit summary: --------------- 2010-10-04 Dmitry V. Levin <ldv@altlinux.org> * libpam/pam_modutil_priv.c: New file. * libpam/Makefile.am (libpam_la_SOURCES): Add it. * libpam/include/security/pam_modutil.h (struct pam_modutil_privs, PAM_MODUTIL_DEF_PRIVS, pam_modutil_drop_priv, pam_modutil_regain_priv): New declarations. * libpam/libpam.map (LIBPAM_MODUTIL_1.1.3): New interface. * modules/pam_env/pam_env.c (handle_env): Use new pam_modutil interface. * modules/pam_mail/pam_mail.c (_do_mail): Likewise. * modules/pam_xauth/pam_xauth.c (check_acl, pam_sm_open_session, pam_sm_close_session): Likewise. (pam_sm_open_session): Remove redundant fchown call. Fixes CVE-2010-3430, CVE-2010-3431.
Diffstat (limited to 'libpam/libpam.map')
-rw-r--r--libpam/libpam.map6
1 files changed, 6 insertions, 0 deletions
diff --git a/libpam/libpam.map b/libpam/libpam.map
index 9d55e84f..b0885d65 100644
--- a/libpam/libpam.map
+++ b/libpam/libpam.map
@@ -61,3 +61,9 @@ LIBPAM_MODUTIL_1.1 {
global:
pam_modutil_audit_write;
} LIBPAM_MODUTIL_1.0;
+
+LIBPAM_MODUTIL_1.1.3 {
+ global:
+ pam_modutil_drop_priv;
+ pam_modutil_regain_priv;
+} LIBPAM_MODUTIL_1.1;