diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2014-06-05 08:55:05 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2014-06-17 10:01:39 +0000 |
commit | 53d049ee391dde7c74d37262eb0c027c61c8562f (patch) | |
tree | 32359f33719e7c08b1c2528aaff91477cba648ad | |
parent | de55133bd1474e9684c2b288e2ccfd89a7535afc (diff) | |
download | aports-53d049ee391dde7c74d37262eb0c027c61c8562f.tar.bz2 aports-53d049ee391dde7c74d37262eb0c027c61c8562f.tar.xz |
main/bash: fix setuid bug
ref #2990
fixes #2991
(cherry picked from commit 883b411c85593d30f2296a157a733aa799c32828)
Conflicts:
main/bash/APKBUILD
-rw-r--r-- | main/bash/APKBUILD | 4 | ||||
-rw-r--r-- | main/bash/bash_4.3-fix-setuid.patch | 31 |
2 files changed, 34 insertions, 1 deletions
diff --git a/main/bash/APKBUILD b/main/bash/APKBUILD index 0bb79acb68..140fd92572 100644 --- a/main/bash/APKBUILD +++ b/main/bash/APKBUILD @@ -5,7 +5,7 @@ pkgver=4.2.037 _patchlevel=${pkgver##*.} _myver=${pkgver%.*} _patchbase=${_myver%.*}${_myver#*.} -pkgrel=0 +pkgrel=1 pkgdesc="The GNU Bourne Again shell" arch="all" license='GPL' @@ -15,6 +15,7 @@ depends= subpackages="$pkgname-doc" source="http://ftp.gnu.org/gnu/bash/bash-${_myver}.tar.gz bash-noinfo.patch + bash_4.3-fix-setuid.patch " # generate url's to patches. note: no forks allowed! _i=1 @@ -68,6 +69,7 @@ package() { } md5sums="3fb927c7c33022f1c327f14a81c0d4b0 bash-4.2.tar.gz 80fec5f3d60a63756a4999c877e31a8e bash-noinfo.patch +c87b8d9e12d628eac829dc08f4607a20 bash_4.3-fix-setuid.patch 1100bc1dda2cdc06ac44d7e5d17864a3 bash42-001 30e7948079921d3261efcc6a40722135 bash42-002 9ea06decec43a198f3d7cf29acc602f8 bash42-003 diff --git a/main/bash/bash_4.3-fix-setuid.patch b/main/bash/bash_4.3-fix-setuid.patch new file mode 100644 index 0000000000..4f8a7a0999 --- /dev/null +++ b/main/bash/bash_4.3-fix-setuid.patch @@ -0,0 +1,31 @@ +diff --git shell.c shell.c +index bbc8a66..5bfd466 100644 +--- shell.c ++++ shell.c +@@ -1226,8 +1226,12 @@ uidget () + void + disable_priv_mode () + { +- setuid (current_user.uid); +- setgid (current_user.gid); ++ ++ if( (setuid (current_user.uid) !=0) || (setgid (current_user.gid) != 0) ){ ++ report_error("Drop privileges failed!!\n"); ++ exit(EX_DROPFAIL); ++ } ++ + current_user.euid = current_user.uid; + current_user.egid = current_user.gid; + } +diff --git shell.h shell.h +index 243e467..c3625be 100644 +--- shell.h ++++ shell.h +@@ -72,6 +72,7 @@ extern int EOF_Reached; + #define EX_REDIRFAIL 259 /* redirection failed */ + #define EX_BADASSIGN 260 /* variable assignment error */ + #define EX_EXPFAIL 261 /* word expansion failed */ ++#define EX_DROPFAIL 262 /* Drop privileges failed */ + + /* Flag values that control parameter pattern substitution. */ + #define MATCH_ANY 0x000 |