TUCoPS :: BSD :: golddi.htm

FreeBSD Golddig setuid root level creation utility
Vulnerability

    golddig

Affected

    golddig users

Description

    Following is based  on FreeBSD Security  Advisory.  Golddig  is an
    X11 game provided as part of the FreeBSD ports collection.

    The  golddig  port  erroneously  installs a level-creation utility
    setuid  root,  which  allows  users  to  overwrite the contents of
    arbitrary local files.  It  is not believed that any  elevation of
    privileges  is  possible  with  this  vulnerability  because   the
    contents of  the file  are a  textual representation  of a golddig
    game level which is highly constrained.

    The golddig port is not installed  by default, nor is it "part  of
    FreeBSD" as  such: it  is part  of the  FreeBSD ports  collection,
    which   contains   over   3200   third-party   applications  in  a
    ready-to-install  format.  The   ports  collection  shipped   with
    FreeBSD 4.0 contains  this problem since  it was discovered  after
    the release.

    An unprivileged local user can overwrite the contents of any file,
    although they are restricted in  the possible contents of the  new
    file.    If  you   have  not   chosen  to   install  the   golddig
    port/package, then your system is not vulnerable to this problem.

Solution

    Workaround is one of the following:

        1) Deinstall  the  golddig  port/package,  if  you  you   have
           installed it.
        2) Remove  the setuid  bit from  /usr/local/bin/makelev.  This
           will  mean  unprivileged  users  cannot  create  or  modify
           golddig levels except in their own directories.

    Solution is one of the following:

        1) Upgrade  your  entire  ports  collection  and  rebuild  the
           golddig port.
        2) Reinstall a  new package dated  after the correction  date,
           obtained from:
               ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-3-stable/games/golddig-2.0.tgz
               ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/games/golddig-2.0.tgz
               ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-4-stable/games/golddig-2.0.tgz
               ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/games/golddig-2.0.tgz
               ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-5-current/games/golddig-2.0.tgz
        3) download a new port skeleton for the golddig port from:
               http://www.freebsd.org/ports/
           and use it to rebuild the port.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH