Pulogalamu ya ProHoster > Blog > nkhani zapaintaneti > Zowopsa mu swhkd, manejala wamfupi wa Wayland

Zowopsa mu swhkd, manejala wamfupi wa Wayland

Zowopsa zingapo zadziwika mu swhkd (Simple Wayland HotKey Daemon) chifukwa cha ntchito yolakwika yokhala ndi mafayilo osakhalitsa, magawo a mzere wamalamulo ndi soketi za Unix. Pulogalamuyi imalembedwa mu Rust ndipo imagwira kukanikiza hotkey m'malo motengera protocol ya Wayland (analogue yogwirizana ndi fayilo ya sxhkd yomwe imagwiritsidwa ntchito m'malo a X11).

Phukusili limaphatikizapo njira zopanda mwayi za swhks zomwe zimagwira ntchito za hotkey, ndi njira yakumbuyo ya swhkd yomwe imayenda ngati mizu ndikulumikizana ndi zida zolowetsa pamlingo wa uinput API. Soketi ya Unix imagwiritsidwa ntchito kukonza mgwirizano pakati pa swhks ndi swhkd. Pogwiritsa ntchito malamulo a Polkit, wogwiritsa ntchito aliyense wamba amatha kuyendetsa njira /usr/bin/swhkd ngati muzu ndikudutsa magawo osasintha.

Zowopsa zomwe zidazindikirika:

  • CVE-2022-27815 - Kusunga ndondomeko ya PID ku fayilo yokhala ndi dzina lodziwikiratu komanso m'ndandanda yomwe imalembedwa ndi ogwiritsa ntchito ena (/tmp/swhkd.pid). Wogwiritsa ntchito aliyense akhoza kupanga fayilo /tmp/swhkd.pid ndikuyika pid ya ndondomeko yomwe ilipo, zomwe zingapangitse swhkd kulephera kuyamba. Ngati palibe chitetezo pakupanga maulalo ophiphiritsa mu /tmp, chiwopsezocho chingagwiritsidwe ntchito kupanga kapena kulemba mafayilo mu chikwatu chilichonse (PID yalembedwa ku fayilo) kapena kudziwa zomwe zili mufayilo iliyonse padongosolo (swhkd prints the zonse zomwe zili mufayilo ya PID kuti stdout). Ndizochititsa chidwi kuti mukukonzekera kotulutsidwa fayilo ya PID inasunthidwa osati ku /run directory, koma ku / etc directory (/etc/swhkd/runtime/swhkd_{uid}.pid), kumene sikuli kwake.
  • CVE-2022-27814 - Pogwiritsa ntchito njira ya mzere wa "-c" womwe umagwiritsidwa ntchito pofotokoza fayilo yosinthira, ndizotheka kudziwa kukhalapo kwa fayilo iliyonse pamakina. Mwachitsanzo, kuti muwone /root/.somefile mutha kuyendetsa "pkexec /usr/bin/swhkd -d -c /root/.somefile" ndipo ngati fayilo ikusowa, cholakwika "/root/.somefile palibe ” zidzawonetsedwa. Monga momwe zimakhalira pachiwopsezo choyamba, kukonza vuto ndikudodometsa - kukonza vutoli kumabwera chifukwa chothandizira "mphaka" ('Command::new("/bin/cat")).arg(njira) tsopano yatsegulidwa kuti muwerenge fayilo yosinthira. output()').
  • CVE-2022-27819 - Nkhaniyi ikukhudzananso ndi kugwiritsa ntchito njira ya "-c", yomwe imapangitsa kuti fayilo yonse yosinthika ikwezedwe ndikuyika popanda kuyang'ana kukula ndi mtundu wa fayilo. Mwachitsanzo, kuti mulepheretse ntchitoyo mwa kutha kukumbukira kwaulere ndikupanga I/O yolakwika, mutha kufotokozera chida cha block poyambira ("pkexec / usr/bin/swhkd -d -c /dev/sda") kapena chipangizo cha khalidwe chomwe chimapanga mtsinje wopanda malire wa deta . Vutoli lidathetsedwa ndikukhazikitsanso mwayi musanatsegule fayilo, koma kukonza sikunathe, chifukwa ID yokhayo (UID) ndiyomwe imakhazikitsidwanso, koma ID ya gulu (GID) imakhalabe yofanana.
  • CVE-2022-27818 - Soketi ya Unix imapangidwa pogwiritsa ntchito fayilo ya /tmp/swhkd.sock yomwe imapangidwa m'mabuku olembedwa, zomwe zimatsogolera ku zovuta zofanana ndi chiopsezo choyamba (wogwiritsa ntchito aliyense akhoza kupanga /tmp/swhkd.sock ndi kupanga kapena kudumpha zochitika za keypress).
  • CVE-2022-27817 - Zochitika zolowetsa zimavomerezedwa kuchokera kuzipangizo zonse ndi magawo onse, i.e. wogwiritsa ntchito kuchokera ku gawo lina la Wayland kapena kuchokera ku kontrakitala amatha kusokoneza zochitika pomwe ma hotkey akanikizidwa ndi ogwiritsa ntchito ena.
  • CVE-2022-27816 Njira ya swhks, monga swhkd, imagwiritsa ntchito fayilo ya PID /tmp/swhks.pid muzolemba zolembedwa /tmp. Vutoli ndi lofanana ndi chiwopsezo choyamba, koma sizowopsa chifukwa swhks ikuyenda pansi pa ogwiritsa ntchito opanda mwayi.

Source: opennet.ru

Kuwonjezera ndemanga