[Bug 1560899] Re: sqlite triggers syscall error if run as root in snappy default confinement (fchown not allowed)
Oliver Grawert
ogra at ubuntu.com
Wed Mar 23 11:26:03 UTC 2016
** Changed in: sqlite3 (Ubuntu)
Status: New => Confirmed
** Changed in: sqlite3 (Ubuntu)
Importance: Undecided => High
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to sqlite3 in Ubuntu.
https://bugs.launchpad.net/bugs/1560899
Title:
sqlite triggers syscall error if run as root in snappy default
confinement (fchown not allowed)
Status in sqlite3 package in Ubuntu:
Confirmed
Bug description:
Code currently tries to change user to uid if geteuid is root; this
call triggers fchown syscall exception in snappy.
Good news is that in snappy this call is a null op in theory as both
geteuid as well as uid are 0, so changing wouldnt do anything.
Fix is to not try to chown if geteuid is equal to uid (e.g. if it
would be a null op anyway). "Safe" patch should be:
Index: sqlite3-3.11.0/src/os_unix.c
===================================================================
--- sqlite3-3.11.0.orig/src/os_unix.c
+++ sqlite3-3.11.0/src/os_unix.c
@@ -497,7 +497,7 @@ static struct unix_syscall {
*/
static int robustFchown(int fd, uid_t uid, gid_t gid){
#if defined(HAVE_FCHOWN)
- return osGeteuid() ? 0 : osFchown(fd,uid,gid);
+ return osGeteuid() || osGeteuid() == uid ? 0 : osFchown(fd,uid,gid);
#else
return 0;
#endif
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1560899/+subscriptions
More information about the foundations-bugs
mailing list