mirror of
https://git.FreeBSD.org/ports.git
synced 2024-10-20 20:09:11 +00:00
Security update with following changes:
Makefile: PLIST_SUB added (CONF_DIR), fix ${NOPORTDOCS}, bump ${PORTREVISION} pkg-plist: etc -> %%CONF_DIR%%, utilize ${DOCSDIR} Setuid misplaced (security fix) for main.c Thanks to cyrill@econ.krasnoyarsk.su for submitting this patch. Also makes portlint happy. Submitted by: Clement Laforet <sheepkiller@cultdeadsheep.org> (maintainer) PR: 56614
This commit is contained in:
parent
604abc9bef
commit
4e0429d90d
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=88866
@ -7,10 +7,11 @@
|
||||
|
||||
PORTNAME= op
|
||||
PORTVERSION= 1.11
|
||||
PORTREVISION= 1
|
||||
CATEGORIES= security
|
||||
MASTER_SITES= ftp://ftp.cerias.purdue.edu/pub/tools/%SUBDIR%/ \
|
||||
ftp://ftp.rge.com/pub/security/cerias/tools/%SUBDIR%/ \
|
||||
ftp://ftp.hacktic.nl/pub/security/coast.cs.purdue.edu/%SUBDIR%/ \
|
||||
ftp://ftp.hacktic.nl/pub/security/coast.cs.purdue.edu/%SUBDIR%/ \
|
||||
ftp://ftp.nask.pl/pub/mirror/coast.cs.purdue.edu/%SUBDIR%/
|
||||
MASTER_SITE_SUBDIR= unix/sysutils/${PORTNAME}
|
||||
|
||||
@ -29,6 +30,8 @@ MAKE_ARGS= BASE="${PREFIX}" \
|
||||
MANOWN=${MANOWN} MANGRP=${MANGRP} MANMODE=${MANMODE}
|
||||
ALL_TARGET= ${PORTNAME}
|
||||
|
||||
PLIST_SUB= CONF_DIR="${CONF_DIR:S,^${PREFIX}/,,}"
|
||||
|
||||
MAN8= op.8
|
||||
|
||||
PKGDEINSTALL= ${PKGINSTALL}
|
||||
@ -82,10 +85,10 @@ install-conf-file:
|
||||
${PKGINSTALL} ${PKGNAME} POST-INSTALL
|
||||
|
||||
install-doc-files:
|
||||
.if !defined(NOPORTSDOC)
|
||||
.if !defined(NOPORTDOCS)
|
||||
@${MKDIR} ${DOCSDIR}
|
||||
.for file in ${DOC_FILES}
|
||||
@${INSTALL_DATA} ${WRKSRC}/${file} ${DOCSDIR}/${file}
|
||||
.for f in ${DOC_FILES}
|
||||
@${INSTALL_DATA} ${WRKSRC}/${f} ${DOCSDIR}
|
||||
.endfor
|
||||
.endif
|
||||
|
||||
|
53
security/op/files/patch-main.c
Normal file
53
security/op/files/patch-main.c
Normal file
@ -0,0 +1,53 @@
|
||||
--- main.c.orig Tue Sep 9 01:24:31 2003
|
||||
+++ main.c Tue Sep 9 01:29:26 2003
|
||||
@@ -448,29 +448,17 @@
|
||||
char *cp, *np;
|
||||
struct passwd *pw;
|
||||
struct group *gr;
|
||||
- int ngroups, gidset[256];
|
||||
+ int ngroups = 0, gidset[256];
|
||||
int curenv = 0, curarg = 0;
|
||||
char *new_envp[MAXENV];
|
||||
char *new_argv[MAXARG];
|
||||
char str[MAXSTRLEN], buf[4*MAXSTRLEN];
|
||||
|
||||
- if ((cp = FindOpt(cmd, "uid")) == NULL) {
|
||||
- if (setuid(0) < 0)
|
||||
- fatal("Unable to set uid to default", cp);
|
||||
- } else {
|
||||
- if ((pw = getpwnam(cp)) == NULL) {
|
||||
- if (setuid(atoi(cp)) < 0)
|
||||
- fatal("Unable to set uid to %s", cp);
|
||||
- }
|
||||
- if (setuid(pw->pw_uid) < 0)
|
||||
- fatal("Unable to set uid to %s", cp);
|
||||
- }
|
||||
-
|
||||
if ((cp = FindOpt(cmd, "gid")) == NULL) {
|
||||
; /* don't have a default */
|
||||
} else {
|
||||
for (cp=GetField(cp, str); cp!=NULL; cp=GetField(cp, str)) {
|
||||
- if ((gr = getgrnam(cp)) != NULL)
|
||||
+ if ((gr = getgrnam(str)) != NULL)
|
||||
gidset[ngroups++] = gr->gr_gid;
|
||||
}
|
||||
if (ngroups == 0)
|
||||
@@ -533,6 +521,18 @@
|
||||
new_envp[curenv++] = environ[i];
|
||||
}
|
||||
new_envp[curenv] = NULL;
|
||||
+
|
||||
+ if ((cp = FindOpt(cmd, "uid")) == NULL) {
|
||||
+ if (setuid(0) < 0)
|
||||
+ fatal("Unable to set uid to default", cp);
|
||||
+ } else {
|
||||
+ if ((pw = getpwnam(cp)) == NULL) {
|
||||
+ if (setuid(atoi(cp)) < 0)
|
||||
+ fatal("Unable to set uid to %s", cp);
|
||||
+ }
|
||||
+ if (setuid(pw->pw_uid) < 0)
|
||||
+ fatal("Unable to set uid to %s", cp);
|
||||
+ }
|
||||
|
||||
if (strcmp("MAGIC_SHELL", cmd->args[0]) == 0) {
|
||||
for (i = 0; environ[i] != NULL; i++)
|
@ -1,6 +1,6 @@
|
||||
@comment $FreeBSD$
|
||||
bin/op
|
||||
etc/op.access.sample
|
||||
%%PORTDOCS%%share/doc/op/README
|
||||
%%PORTDOCS%%share/doc/op/op.paper
|
||||
%%PORTDOCS%%@dirrm share/doc/op
|
||||
%%CONF_DIR%%/op.access.sample
|
||||
%%PORTDOCS%%%%DOCSDIR%%/README
|
||||
%%PORTDOCS%%%%DOCSDIR%%/op.paper
|
||||
%%PORTDOCS%%@dirrm %%DOCSDIR%%
|
||||
|
Loading…
Reference in New Issue
Block a user