Added protection against use of MTR_PACKET under special circumstances

author R.E. Wolff <R.E.Wolff@BitWizard.nl>

Sun, 29 Jun 2025 12:06:00 +0000 (14:06 +0200)

committer R.E. Wolff <R.E.Wolff@BitWizard.nl>

Sun, 29 Jun 2025 12:06:00 +0000 (14:06 +0200)
author R.E. Wolff <R.E.Wolff@BitWizard.nl>
Sun, 29 Jun 2025 12:06:00 +0000 (14:06 +0200)
committer R.E. Wolff <R.E.Wolff@BitWizard.nl>
Sun, 29 Jun 2025 12:06:00 +0000 (14:06 +0200)
diff --git a/ui/cmdpipe.c b/ui/cmdpipe.c

index 81acb9c8b68f2d580f16231e94ce492fa56788cc..bd5606a525dd3f1859b0f2f6f8ee5ccd33cd1641 100644 (file)
--- a/ui/cmdpipe.c
+++ b/ui/cmdpipe.c
@@ -220,10 +220,17 @@ void execute_packet_child(
         the path to the mtr-packet executable.  This is necessary
         for debugging changes for mtr-packet.
       */
-    char *mtr_packet_path = getenv("MTR_PACKET");
-    if (mtr_packet_path == NULL) {
+    char * mtr_packet_path = NULL; 
+
+    // In the rare case that mtr-packet is not setuid-root, 
+    // and a select group of users has sudo privileges to run 
+    // mtr and not much else, THEN create /etc/mtr.is.run.under.sudo
+    // to prevent a privilege escalation when one of those accounts
+    // is compromised.  CVE-2025-49809
+    if (access ("/etc/mtr.is.run.under.sudo", F_OK) != 0)
+        mtr_packet_path = getenv("MTR_PACKET");
+    if (mtr_packet_path == NULL)
          mtr_packet_path = "mtr-packet";
-    }
  
      /*
         First, try to execute mtr-packet from PATH
author	R.E. Wolff <R.E.Wolff@BitWizard.nl>
	Sun, 29 Jun 2025 12:06:00 +0000 (14:06 +0200)
committer	R.E. Wolff <R.E.Wolff@BitWizard.nl>
	Sun, 29 Jun 2025 12:06:00 +0000 (14:06 +0200)