[MDEV-11962] RPM Lint: missing-call-to-chdir-with-chroot /usr/libexec/mysqld Created: 2017-02-01  Updated: 2017-10-28  Resolved: 2017-10-28

Status: Closed
Project: MariaDB Server
Component/s: Server
Fix Version/s: N/A

Type: Task Priority: Minor
Reporter: Michal Schorm Assignee: Sergei Golubchik
Resolution: Not a Bug Votes: 0
Labels: None


 Description   

Please check this RPM Lint error:
mariadb-server.x86_64: E: missing-call-to-chdir-with-chroot /usr/libexec/mysqld

missing-call-to-chdir-with-chroot:

This executable appears to call chroot without using chdir to change the current directory. This is likely an error and permits an attacker to break out of the chroot by using fchdir. While that's not always a security issue, this has to be checked.

Thanks

 Comments   
Comment by Sergei Golubchik [ 2017-05-26 ]

The code is (looking at 10.1, but should be identical everywhere, it didn't change for years, iirc):

  if (chroot(path) == -1)
 
  {
 
    sql_perror("chroot");
 
    unireg_abort(1);
 
  }
 
  my_setwd("/", MYF(0));

Here, if chroot() fails, the server startup is aborted. Otherwise the server does chdir() immediately after.

I don't know what confused rpm lint — perhaps my_setwd() obscures chdir() and rpm lint doesn't see it? But there surely is chdir() directly after chroot().

Comment by Michal Schorm [ 2017-10-28 ]

Can be closed.

Yes, it is probabbly "my_setwd()", which RPMLint can't see into.
This code is alright.

Generated at Thu Feb 08 07:54:01 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.