The setup_logging function in log.h in SANLock uses world-writable permissions for /var/log/sanlock.log, which allows local users to overwrite the file content or bypass intended disk-quota restrictions via standard filesystem write operations.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Sanlock | Ovirt | - (including) | - (including) |
| Native Client for RHEL 5 for Red Hat Storage | RedHat | glusterfs-0:3.3.0.7rhs-1.el5 | * |
| Native Client for RHEL 6 for Red Hat Storage | RedHat | glusterfs-0:3.3.0.7rhs-1.el6 | * |
| Red Hat Storage 2.0 | RedHat | appliance-0:1.7.1-1.el6rhs | * |
| Red Hat Storage 2.0 | RedHat | augeas-0:0.9.0-1.el6 | * |
| Red Hat Storage 2.0 | RedHat | glusterfs-0:3.3.0.7rhs-1.el6rhs | * |
| Red Hat Storage 2.0 | RedHat | gluster-swift-0:1.4.8-5.el6rhs | * |
| Red Hat Storage 2.0 | RedHat | libvirt-0:0.9.10-21.el6_3.8 | * |
| Red Hat Storage 2.0 | RedHat | rhn-client-tools-0:1.0.0-73.el6rhs | * |
| Red Hat Storage 2.0 | RedHat | sanlock-0:2.3-4.el6_3 | * |
| Red Hat Storage 2.0 | RedHat | sos-0:2.2-17.2.el6rhs | * |
| Red Hat Storage 2.0 | RedHat | vdsm-0:4.9.6-20.el6rhs | * |
| Red Hat Storage 2.0 Console | RedHat | org.ovirt.engine-root-0:2.0.techpreview1-4 | * |
| Red Hat Storage 2.0 Console | RedHat | vdsm-0:4.9.6-20.el6rhs | * |
| RHEV 3.X Hypervisor and Agents for RHEL-6 | RedHat | sanlock-0:2.3-4.el6_3 | * |
| Sanlock | Ubuntu | artful | * |
| Sanlock | Ubuntu | quantal | * |
| Sanlock | Ubuntu | raring | * |
| Sanlock | Ubuntu | saucy | * |
| Sanlock | Ubuntu | upstream | * |
| Sanlock | Ubuntu | utopic | * |
| Sanlock | Ubuntu | vivid | * |
| Sanlock | Ubuntu | wily | * |
| Sanlock | Ubuntu | yakkety | * |
| Sanlock | Ubuntu | zesty | * |