Patch-ID# 116408-02

Keywords: security format shell escape rbac sunray profile
Synopsis: Trusted_Solaris_8_HW_12/02_x86: exec_attr patch
Date: Sep/02/2004

Install Requirements: None

Solaris Release: Trusted_Solaris_8_HW_12/02_x86

SunOS Release: Trusted_Solaris_8_HW_12/02_x86

Unbundled Product:

Unbundled Release:

Xref: This patch available for SPARC as patch 116407

Topic: Trusted_Solaris_8_HW_12/02_x86: exec_attr patch

Relevant Architectures: i386

BugId's fixed with this patch: 4868842 4877087 4878800 4914644 4937542 5065635 5074088

Changes incorporated in this version: 4868842 4877087 4878800 5065635 5074088

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

/etc/security/exec_attr

Problem Description:

4868842 utxlock feature does not work in Trusted Solaris.
4877087 Typo in Sunray Management Profile.
4878800 inetd profiles needs update to write wtmpx entries
5065635 utgroupsig feature does not work in Trusted Solaris
5074088 Remove duplicate Device Security line for kbd added in sccs v 1.5 of exec_attr

(from 116408-01)

4914644 Fix 4742992 format shell escape is a security hole under RBAC
4937542 Format and eject command in File System Management profile missing privileges

Patch Installation Instructions:
--------------------------------

Refer to the man pages for instructions on using 'patchadd' and
'patchrm' scripts provided with Trusted Solaris. Any other special
or non-generic installation instructions should be described below
as special instructions. For additional examples please see the
appropriate man pages.

Special Install Instructions:
-----------------------------

NOTE 1: In order to get the full fix for bug 4914644, one should
        install the following patches:

        116410-01 (or newer) format command patch

NOTE 2: It is recommended to save a copy of the /etc/security/exec_attr
        file before installing this patch.

        A version of /etc/security/exec_attr is saved in the
        /var/sadm/pkg/SUNWcsr/save directory as exec_attr.116408-01
        (or newer)

        Subsequent patch removals and installations of the same patch
        will result in overwriting the saved copy in this directory.

        The installation of this patch will merge the current version
        of the /etc/security/exec_attr file and new changes from the
        patch. Any custom modifications made in the current
        /etc/security/exec_attr file will remain after the patch is
        installed.

        The patch removal process will not restore the
        /etc/security/exec_attr file to the state before the patch
        installation; it will leave the /etc/security/exec_attr file
        untouched, in the exact state before the patch removal.

The steps below assume the patch has been put into an ADMIN_LOW
directory in /var/tmp and the patch file label is configured to
ADMIN_LOW. Create a role which contains the Software Installation
profile (typically admin role is assigned this profile) and whose
label range includes the ADMIN_LOW label. All the steps in the patch
installation should be executed at ADMIN_LOW. The patch should be
owned by this role.

1) Login as a user authorized to assume a role that contains the
   Software Installation profile; typically the admin role.
   Assume that role. To verify the profile is assigned to the role,
   type: "profiles -l | grep patchadd". The result should be:

       /usr/sbin/patchadd uid=0, privs=all, label=admin_low

2) cd into /var/tmp and install the patch file.

       # cd /var/tmp
       # patchadd /var/tmp/

   where is the patch number.

Special Backout Instructions:
-----------------------------

1) Login as a user authorized to assume a role that contains the
   Software Installation profile; typically the admin role.
   Assume that role. To verify the profile is assigned to the role,
   type: "profiles -l | grep patchrm". The result should be:

       /usr/sbin/patchrm uid=0, privs=all, label=admin_low

2) Backout patch by typing:

       # patchrm

   where is the patch number.

README -- Last modified date: Thursday, September 2, 2004
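
Added example (not part of the Sun patch README): a shell check for the merge behaviour described under Special Install Instructions and for the duplicate-entry fix 5074088. It reports exec_attr entries whose name:policy:type:id key occurs more than once and lists the entries a merge added relative to a saved copy. The field layout follows exec_attr(4); the function names, the one-entry-per-line assumption and all sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the patch README. exec_attr(4) field layout:
#   name:policy:type:res1:res2:id:attr
# Assumes one entry per line; written for POSIX awk (nawk on Solaris).

# Print "count<TAB>name:policy:type:id" for every entry key seen more than once.
exec_attr_dups() {
    awk -F: '
        /^[ \t]*#/ || NF < 7 { next }   # skip comments, blank and short lines
        { n[$1 ":" $2 ":" $3 ":" $6]++ }
        END { for (k in n) if (n[k] > 1) printf "%d\t%s\n", n[k], k }
    ' "$1" | sort
}

# Print entries found in the current file ($2) but not in the saved copy ($1),
# i.e. what the patch merge added on top of local customisations.
exec_attr_added() {
    awk '
        /^[ \t]*#/ || !NF { next }                    # skip comments, blank lines
        FILENAME == ARGV[1] { saved[$0] = 1; next }   # remember saved entries
        !($0 in saved)                                # print entries that are new
    ' "$1" "$2"
}

# Constructed sample files (illustrative entries, not real exec_attr content).
sample_dir=$(mktemp -d)
trap 'rm -rf "$sample_dir"' EXIT
cat > "$sample_dir/saved" <<'EOF'
# constructed pre-patch copy
Device Security:tsol:cmd:::/usr/bin/kbd:uid=0
Device Security:tsol:cmd:::/usr/bin/kbd:uid=0;gid=3
Custom Local:tsol:cmd:::/opt/local/bin/tool:uid=0
EOF
cat > "$sample_dir/current" <<'EOF'
# constructed post-patch copy
Device Security:tsol:cmd:::/usr/bin/kbd:uid=0
Custom Local:tsol:cmd:::/opt/local/bin/tool:uid=0
File System Management:tsol:cmd:::/usr/sbin/format:uid=0
EOF

echo "duplicate keys in saved copy:"
exec_attr_dups "$sample_dir/saved"
echo "entries added by the merge:"
exec_attr_added "$sample_dir/saved" "$sample_dir/current"
```

Keying on name, policy, type and id rather than on the whole line catches a repeated entry even when the two copies carry different attributes.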