Patch-ID# 116409-01
Keywords: security format shell escape rbac
Synopsis: Trusted_Solaris_8_HW_12/02: format command patch
Date: Mar/24/2004


Install Requirements: None                      
                      
Solaris Release: Trusted_Solaris_8_HW_12/02

SunOS Release: Trusted_Solaris_8_HW_12/02

Unbundled Product: 

Unbundled Release: 

Xref: This patch available for x86 as patch 116410

Topic: Trusted_Solaris_8_HW_12/02: format command patch

Relevant Architectures: sparc

BugId's fixed with this patch: 4914644

Changes incorporated in this version: 4914644

Patches accumulated and obsoleted by this patch: 

Patches which conflict with this patch: 

Patches required with this patch: 

Obsoleted by: 

Files included with this patch: 

/usr/sbin/format

Problem Description:

4914644 Fix 4742992 format shell escape is a security hole under RBAC

Patch Installation Instructions:
--------------------------------
NOTE 1:	In order to get the full fix for bug 4914644, one should install
	the following patches:
 
	116407-01 (or newer)	exec_attr patch	
 
Refer to the man pages for instructions on using 'patchadd' and 'patchrm'
scripts provided with Trusted Solaris. Any other special or non-generic
installation instructions should be described below as special instructions.
 
For additional examples please see the appropriate man pages.

Special Install Instructions:
-----------------------------
 
The steps below assume the patch has been put into an ADMIN_LOW
directory in /var/tmp and the patch file label is configured to ADMIN_LOW.
 
Create a role which contains the Software Installation profile
(typically admin role is assigned this profile) and whose label
range includes the ADMIN_LOW label.  All the steps in the patch
installation should be executed at ADMIN_LOW.
 
The patch should be owned by this role.
 
        1) Login as a user authorized to assume a role that contains the
        Software Installation profile; typically the admin role.
        Assume that role.
 
        To verify the profile is assigned to the role, type:
        "profiles -l | grep patchadd".
 
        The result should be:
         /usr/sbin/patchadd    uid=0, privs=all, label=admin_low
 
        2) cd into /var/tmp and install the patch file.
 
        # cd /var/tmp
        # patchadd /var/tmp/<patch-id>
 
        where <patch-id> is the patch number.
 
Special Backout Instructions:
-----------------------------
[single-user]
This patch removal should be executed at single user mode.
Reboot immediately after the patch is removed.
 
        1) Drop the system to single user level.
 
[multi-user]
        1) Login as a user authorized to assume a role that contains the
        Software Installation profile; typically the admin role.
        Assume that role.
 
        To verify the profile is assigned to the role, type:
        "profiles -l | grep patchrm".
 
        The result should be:
        /usr/sbin/patchrm    uid=0, privs=all, label=admin_low
 
        2) Backout patch by typing:
 
        # patchrm <patch-id>
 
        where <patch-id> is the patch number.

README -- Last modified date:  Wednesday, March 24, 2004