diff options
author | Sean Whitton <spwhitton@spwhitton.name> | 2021-07-24 15:54:56 -0700 |
---|---|---|
committer | Sean Whitton <spwhitton@spwhitton.name> | 2021-07-24 15:54:56 -0700 |
commit | 60c7b76236993fca9e48f5a9e8af09f64d5623ca (patch) | |
tree | 819e9b79f36856cc4cec77e114f5b30276cd4eed /debian/patches/setuid-ensure-we-chdir2-before-we-setuid.patch | |
parent | 56129dd9f5ed15891a3714c3d797f0a327760ee9 (diff) | |
download | consfigurator-debian/0.8.0-2.tar.gz |
Commit Debian 3.0 (quilt) metadatadebian/0.8.0-2archive/debian/0.8.0-2
[dgit (9.13) quilt-fixup]
Diffstat (limited to 'debian/patches/setuid-ensure-we-chdir2-before-we-setuid.patch')
-rw-r--r-- | debian/patches/setuid-ensure-we-chdir2-before-we-setuid.patch | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/debian/patches/setuid-ensure-we-chdir2-before-we-setuid.patch b/debian/patches/setuid-ensure-we-chdir2-before-we-setuid.patch new file mode 100644 index 0000000..00a55d9 --- /dev/null +++ b/debian/patches/setuid-ensure-we-chdir2-before-we-setuid.patch @@ -0,0 +1,28 @@ +From: Sean Whitton <spwhitton@spwhitton.name> +Date: Fri, 23 Jul 2021 08:43:06 -0700 +X-Dgit-Generated: 0.8.0-2 927cdd896fd1a4d64691d50a90cdd11ce7d675f9 +Subject: :SETUID: ensure we chdir(2) before we setuid(2) + +Signed-off-by: Sean Whitton <spwhitton@spwhitton.name> +(cherry picked from commit ae2f8d30cbcd82126de7daeb4b94dd05d5b46f01) + +--- + +--- consfigurator-0.8.0.orig/src/connection/setuid.lisp ++++ consfigurator-0.8.0/src/connection/setuid.lisp +@@ -67,12 +67,12 @@ + (run-program (list "chown" "-R" + (format nil "~A:~A" uid gid) + (unix-namestring (slot-value connection 'datadir)))) ++ (posix-login-environment ++ user (connection-connattr connection :remote-home)) + ;; We are privileged, so this sets the real, effective and saved IDs. + (unless (zerop (setgid gid)) + (error "setgid(2) failed!")) + (unless (zerop (initgroups user gid)) + (error "initgroups(3) failed!")) + (unless (zerop (setuid uid)) +- (error "setuid(2) failed!")) +- (posix-login-environment +- user (connection-connattr connection :remote-home)))) ++ (error "setuid(2) failed!")))) |