Uchungechunge lokuba sengozini kukhonjwe ku-swhkd (Simple Wayland HotKey Daemon) okubangelwa umsebenzi ongalungile onamafayela esikhashana, amapharamitha womugqa womyalo namasokhethi e-Unix. Uhlelo lubhalwe ngeRust futhi lusingatha ukucindezelwa kwe-hotkey ezindaweni ezisuselwe kuphrothokholi ye-Wayland (i-analogue ehambisanayo nefayela yenqubo ye-sxhkd esetshenziswa ezindaweni ezisekelwe ku-X11).
Iphakheji ihlanganisa inqubo ye-SWhks engenamalungelo eyenza izenzo ze-hotkey, kanye nenqubo yangemuva ye-SWhkd esebenza njengempande futhi isebenzisana namadivayisi okokufaka kuleveli ye-API yokufaka. Isokhethi ye-Unix isetshenziselwa ukuhlela ukusebenzisana phakathi kwe-swhks ne-swhkd. Ngokusebenzisa imithetho ye-Polkit, noma yimuphi umsebenzisi wendawo angasebenzisa inqubo ye-/usr/bin/swhkd njengempande futhi adlulisele imingcele ethile kuyo.
Ubungozi obuhlonziwe:
- I-CVE-2022-27815 - Ukulondoloza inqubo ye-PID efayeleni elinegama elibikezelwayo nakuhla lwemibhalo olubhalwa abanye abasebenzisi (/tmp/swhkd.pid). Noma yimuphi umsebenzisi angakha ifayela /tmp/swhkd.pid futhi abeke i-pid yenqubo ekhona kuyo, ezokwenza i-swhkd ingakwazi ukuqala. Uma singekho isivikelo ekudaleni izixhumanisi ezingokomfanekiso ku/tmp, ukuba sengozini kungasetshenziswa ukudala noma ukubhala ngaphezulu amafayela kunoma yiluphi uhlelo lwemibhalo (i-PID ibhalwe efayeleni) noma kunqunywe okuqukethwe kwanoma yiliphi ifayela ohlelweni (i-swhkd iphrinta konke okuqukethwe kwefayela le-PID kuya ku-stdout). Kuyaphawuleka ukuthi ekulungiseni okukhishiwe ifayela le-PID alihanjiswanga kuhla lwemibhalo/run, kodwa kuhla lwemibhalo /etc (/etc/swhkd/runtime/swhkd_{uid}.pid), lapho futhi engeyona eyakhona.
- I-CVE-2022-27814 - Ngokukhohlisa inketho yomugqa womyalo "-c" esetshenziselwa ukucacisa ifayela lokumisa, kungenzeka ukunquma ukuba khona kwanoma yiliphi ifayela ohlelweni. Isibonelo, ukuze uhlole /impande/.somefile ungasebenzisa i-“pkexec /usr/bin/swhkd -d -c /root/.somefile” futhi uma ifayela lingekho, iphutha elithi “/root/.somefile alikho ” izovezwa. Njengasendabeni yokuba sengozini kokuqala, ukulungisa inkinga kuyadida - ukulungisa inkinga kubilisa eqinisweni lokuthi insiza yangaphandle “ikati” ('Command::new(“/bin/cat”)).arg(indlela) manje yethulwa ukuze kufundwe ifayela lokumisa. output()').
- I-CVE-2022-27819 - Inkinga futhi ihlobene nokusetshenziswa kwenketho ethi “-c”, ebangela ukuthi lonke ifayela lokucushwa lilayishwe futhi lihlukaniswe ngaphandle kokuhlola usayizi nohlobo lwefayela. Isibonelo, ukuze ubangele ukunqatshelwa kwesevisi ngokuphelelwa inkumbulo yamahhala nokudala i-I/O engamanga, ungacacisa idivayisi yokuvimba ekuqaleni ("pkexec /usr/bin/swhkd -d -c /dev/sda") noma idivayisi yezinhlamvu ekhiqiza ukusakaza okungapheli kwedatha . Inkinga yaxazululwa ngokusetha kabusha amalungelo ngaphambi kokuvula ifayela, kodwa ukulungiswa akuzange kuphelele, njengoba i-ID yomsebenzisi (i-UID) kuphela esethwe kabusha, kodwa i-ID yeqembu (GID) ihlala injalo.
- I-CVE-2022-27818 - Isokhethi le-Unix lakhiwe kusetshenziswa ifayela /tmp/swhkd.sock elidalwe kuhla lwemibhalo olubhalekayo, okuholela ezindabeni ezifanayo nokuba sengozini kokuqala (noma yimuphi umsebenzisi angadala /tmp/swhkd.sock futhi akhiqize noma anqamule Imicimbi yokucindezela ukhiye).
- I-CVE-2022-27817 - Imicimbi yokokufaka yamukelwa kuwo wonke amadivayisi nakuwo wonke amaseshini, i.e. umsebenzisi osuka kwenye iseshini ye-Wayland noma osuka kukhonsoli angavimba imicimbi lapho okhiye be-hotkey becindezelwa abanye abasebenzisi.
- I-CVE-2022-27816 Inqubo ye-swhks, njenge-swhkd, isebenzisa ifayela le-PID /tmp/swhks.pid kumkhombandlela obhalekayo /tmp. Inkinga ifana nokuba sengozini kokuqala, kodwa ayiyona ingozi ngoba ama-swhks asebenza ngaphansi komsebenzisi ongenamalungelo.
Source: opennet.ru