Upstream-Status: Backport

logrotate: fix for CVE-2011-1548

If a logfile is a symlink, it may be read when being compressed, being
copied (copy, copytruncate) or mailed. Secure data (eg. password files)
may be exposed.

Portback nofollow.patch from:
http://logrotate.sourcearchive.com/downloads/3.8.1-5/logrotate_3.8.1-5.debian.tar.gz

Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>

---
--- a/logrotate.c	2012-09-06 13:25:08.000000000 +0800
+++ b/logrotate.c	2012-09-06 13:35:57.000000000 +0800
@@ -390,7 +390,7 @@
     compressedName = alloca(strlen(name) + strlen(log->compress_ext) + 2);
     sprintf(compressedName, "%s%s", name, log->compress_ext);
 
-    if ((inFile = open(name, O_RDWR)) < 0) {
+    if ((inFile = open(name, O_RDWR | O_NOFOLLOW)) < 0) {
 	message(MESS_ERROR, "unable to open %s for compression\n", name);
 	return 1;
     }
@@ -470,7 +470,7 @@
     char *mailArgv[] = { mailCommand, "-s", subject, address, NULL };
     int rc = 0;
 
-    if ((mailInput = open(logFile, O_RDONLY)) < 0) {
+    if ((mailInput = open(logFile, O_RDONLY | O_NOFOLLOW)) < 0) {
 	message(MESS_ERROR, "failed to open %s for mailing: %s\n", logFile,
 		strerror(errno));
 	return 1;
@@ -561,7 +561,7 @@
     message(MESS_DEBUG, "copying %s to %s\n", currLog, saveLog);
 
     if (!debug) {
-	if ((fdcurr = open(currLog, (flags & LOG_FLAG_COPY) ? O_RDONLY : O_RDWR)) < 0) {
+	if ((fdcurr = open(currLog, ((flags & LOG_FLAG_COPY) ? O_RDONLY : O_RDWR) | O_NOFOLLOW)) < 0) {
 	    message(MESS_ERROR, "error opening %s: %s\n", currLog,
 		    strerror(errno));
 	    return 1;