Details
-
Bug
-
Status: Closed
-
Normal
-
Resolution: Fixed
-
None
-
None
-
Coremunity
-
CVE-2018-6513
-
Platform Core KANBAN
-
Needs Assessment
-
Security Fix
-
Puppet on Windows no longer includes /opt/puppetlabs/puppet/modules in its default basemodulepath as unprivileged users could create a {{C:\opt}} directory and escalate privileges.
-
Needs Assessment
Description
On Windows, basemodulepath defaults to C:/ProgramData/PuppetLabs/code/modules;C:/opt/puppetlabs/puppet/modules when running as a privileged user. An unprivileged user can drop a custom ruby fact into C:/opt/puppetlabs/puppet/modules/<module>/lib/facter/<fact>.rb and escalate privileges the next time the puppet service runs. This is possible because Windows allows all users to create directories in C:/
The basemodulepath should not include /opt on Windows.
Attachments
Issue Links
- relates to
-
PUP-4049 System module path should be a thing on Windows
-
- Closed
-