aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2014-06-05 08:55:05 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2014-06-17 10:01:39 +0000
commit53d049ee391dde7c74d37262eb0c027c61c8562f (patch)
tree32359f33719e7c08b1c2528aaff91477cba648ad
parentde55133bd1474e9684c2b288e2ccfd89a7535afc (diff)
downloadaports-53d049ee391dde7c74d37262eb0c027c61c8562f.tar.bz2
aports-53d049ee391dde7c74d37262eb0c027c61c8562f.tar.xz
main/bash: fix setuid bug
ref #2990 fixes #2991 (cherry picked from commit 883b411c85593d30f2296a157a733aa799c32828) Conflicts: main/bash/APKBUILD
-rw-r--r--main/bash/APKBUILD4
-rw-r--r--main/bash/bash_4.3-fix-setuid.patch31
2 files changed, 34 insertions, 1 deletions
diff --git a/main/bash/APKBUILD b/main/bash/APKBUILD
index 0bb79acb68..140fd92572 100644
--- a/main/bash/APKBUILD
+++ b/main/bash/APKBUILD
@@ -5,7 +5,7 @@ pkgver=4.2.037
_patchlevel=${pkgver##*.}
_myver=${pkgver%.*}
_patchbase=${_myver%.*}${_myver#*.}
-pkgrel=0
+pkgrel=1
pkgdesc="The GNU Bourne Again shell"
arch="all"
license='GPL'
@@ -15,6 +15,7 @@ depends=
subpackages="$pkgname-doc"
source="http://ftp.gnu.org/gnu/bash/bash-${_myver}.tar.gz
bash-noinfo.patch
+ bash_4.3-fix-setuid.patch
"
# generate url's to patches. note: no forks allowed!
_i=1
@@ -68,6 +69,7 @@ package() {
}
md5sums="3fb927c7c33022f1c327f14a81c0d4b0 bash-4.2.tar.gz
80fec5f3d60a63756a4999c877e31a8e bash-noinfo.patch
+c87b8d9e12d628eac829dc08f4607a20 bash_4.3-fix-setuid.patch
1100bc1dda2cdc06ac44d7e5d17864a3 bash42-001
30e7948079921d3261efcc6a40722135 bash42-002
9ea06decec43a198f3d7cf29acc602f8 bash42-003
diff --git a/main/bash/bash_4.3-fix-setuid.patch b/main/bash/bash_4.3-fix-setuid.patch
new file mode 100644
index 0000000000..4f8a7a0999
--- /dev/null
+++ b/main/bash/bash_4.3-fix-setuid.patch
@@ -0,0 +1,31 @@
+diff --git shell.c shell.c
+index bbc8a66..5bfd466 100644
+--- shell.c
++++ shell.c
+@@ -1226,8 +1226,12 @@ uidget ()
+ void
+ disable_priv_mode ()
+ {
+- setuid (current_user.uid);
+- setgid (current_user.gid);
++
++ if( (setuid (current_user.uid) !=0) || (setgid (current_user.gid) != 0) ){
++ report_error("Drop privileges failed!!\n");
++ exit(EX_DROPFAIL);
++ }
++
+ current_user.euid = current_user.uid;
+ current_user.egid = current_user.gid;
+ }
+diff --git shell.h shell.h
+index 243e467..c3625be 100644
+--- shell.h
++++ shell.h
+@@ -72,6 +72,7 @@ extern int EOF_Reached;
+ #define EX_REDIRFAIL 259 /* redirection failed */
+ #define EX_BADASSIGN 260 /* variable assignment error */
+ #define EX_EXPFAIL 261 /* word expansion failed */
++#define EX_DROPFAIL 262 /* Drop privileges failed */
+
+ /* Flag values that control parameter pattern substitution. */
+ #define MATCH_ANY 0x000