FreeBSD Bugzilla – Attachment 38191 Details for
Bug 60516
Maintainer update: security/op (security fix)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
file.diff
file.diff (text/plain), 3.08 KB, created by
Cyrille Lefevre
on 2003-12-22 23:00:38 UTC
(
hide
)
Description:
file.diff
Filename:
MIME Type:
Creator:
Cyrille Lefevre
Created:
2003-12-22 23:00:38 UTC
Size:
3.08 KB
patch
obsolete
>Index: Makefile >=================================================================== >RCS file: /home/ncvs/ports/security/op/Makefile,v >retrieving revision 1.12 >diff -u -I$Id.*$ -I$.+BSD.*$ -r1.12 Makefile >--- Makefile 15 Oct 2003 13:03:15 -0000 1.12 >+++ Makefile 22 Dec 2003 22:52:23 -0000 >@@ -7,7 +7,7 @@ > > PORTNAME= op > PORTVERSION= 1.11 >-PORTREVISION= 2 >+PORTREVISION= 3 > CATEGORIES= security > MASTER_SITES= ftp://ftp.cerias.purdue.edu/pub/tools/%SUBDIR%/ \ > ftp://ftp.rge.com/pub/security/cerias/tools/%SUBDIR%/ \ >@@ -15,7 +15,7 @@ > ftp://ftp.nask.pl/pub/mirror/coast.cs.purdue.edu/%SUBDIR%/ > MASTER_SITE_SUBDIR= unix/sysutils/${PORTNAME} > >-MAINTAINER= cyrille.lefevre@laposte.net >+MAINTAINER= Steve Simmons <scs@umich.edu> > COMMENT= Allow others to run commands as root (like sudo but different) > > # Global variables >Index: files/patch-main.c >=================================================================== >RCS file: /home/ncvs/ports/security/op/files/patch-main.c,v >retrieving revision 1.2 >diff -u -I$Id.*$ -I$.+BSD.*$ -r1.2 patch-main.c >--- files/patch-main.c 15 Oct 2003 13:03:16 -0000 1.2 >+++ files/patch-main.c 22 Dec 2003 22:33:49 -0000 >@@ -1,5 +1,5 @@ >---- main.c.orig Wed Oct 15 05:58:41 2003 >-+++ main.c Wed Oct 15 06:02:22 2003 >+--- main.c.orig Mon Dec 22 23:26:47 2003 >++++ main.c Mon Dec 22 23:27:23 2003 > @@ -9,7 +9,7 @@ > /* +-------------------------------------------------------------------+ */ > >@@ -9,7 +9,15 @@ > #include <syslog.h> > #include <pwd.h> > #include <grp.h> >-@@ -170,14 +170,11 @@ >+@@ -51,6 +51,7 @@ >+ extern char *getpass(), *crypt(); >+ >+ char *Progname; >++int fatal(char *s, ...); >+ char *format_cmd(); >+ char *GetCode(); >+ cmd_t *Find(); >+@@ -170,14 +171,11 @@ > return Go(new, num, argc, argv); > } > >@@ -26,7 +34,7 @@ > vfprintf(stderr, s, ap); > fputc('\n', stderr); > va_end(ap); >-@@ -448,29 +445,17 @@ >+@@ -448,35 +446,28 @@ > char *cp, *np; > struct passwd *pw; > struct group *gr; >@@ -50,15 +58,29 @@ > - } > - > if ((cp = FindOpt(cmd, "gid")) == NULL) { >- ; /* don't have a default */ >+- ; /* don't have a default */ >++ if (setgid(0) < 0) >++ fatal("Unable to set gid to default", cp); > } else { > for (cp=GetField(cp, str); cp!=NULL; cp=GetField(cp, str)) { > - if ((gr = getgrnam(cp)) != NULL) > + if ((gr = getgrnam(str)) != NULL) > gidset[ngroups++] = gr->gr_gid; >++ else >++ gidset[ngroups++] = atoi(str); > } > if (ngroups == 0) >-@@ -533,6 +518,18 @@ >+- fatal("Unable to setgid to any group"); >++ fatal("Unable to set gid to any group"); >+ if (setgroups(ngroups, gidset) < 0) >+- fatal("Set group failed"); >++ fatal("Unable to set auxiliary groups"); >++ if (setgid(gidset[0]) < 0) >++ fatal("Unable to set gid to %s", gidset[0]); >+ } >+ >+ if ((cp = FindOpt(cmd, "umask")) == NULL) { >+@@ -533,6 +524,17 @@ > new_envp[curenv++] = environ[i]; > } > new_envp[curenv] = NULL; >@@ -70,8 +92,7 @@ > + if ((pw = getpwnam(cp)) == NULL) { > + if (setuid(atoi(cp)) < 0) > + fatal("Unable to set uid to %s", cp); >-+ } >-+ if (setuid(pw->pw_uid) < 0) >++ } else if (setuid(pw->pw_uid) < 0) > + fatal("Unable to set uid to %s", cp); > + }
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=38191">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 60516
: 38191