author | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2017-07-20 15:20:15 +0300 |
---|---|---|
committer | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2017-07-20 15:20:15 +0300 |
commit | 2568607f076767189a90e1b046687fa34e71d1f3 (patch) | |
tree | 9e8010cad55e75a13941a3d2a42e9eeb4cb92a67 /main/abuild | |
parent | bf03dbfaf19de6969fa6289b7e6f656b0fe04211 (diff) | |
download | aports-2568607f076767189a90e1b046687fa34e71d1f3.tar.bz2 aports-2568607f076767189a90e1b046687fa34e71d1f3.tar.xz |
main/abuild: prevent forging of user name
Diffstat (limited to 'main/abuild')
-rw-r--r-- | main/abuild/0001-abuild-sudo-prevent-forging-of-user-name.patch | 46 | ||||
-rw-r--r-- | main/abuild/APKBUILD | 6 |
2 files changed, 50 insertions, 2 deletions
diff --git a/main/abuild/0001-abuild-sudo-prevent-forging-of-user-name.patch b/main/abuild/0001-abuild-sudo-prevent-forging-of-user-name.patch
new file mode 100644
index 0000000000..bb480634df
--- /dev/null
+++ b/main/abuild/0001-abuild-sudo-prevent-forging-of-user-name.patch
@@ -0,0 +1,46 @@
+From 829a501de758c5226b1aae27ecb0d95bc3b6db6b Mon Sep 17 00:00:00 2001
+From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
+Date: Mon, 17 Jul 2017 21:02:35 +0300
+Subject: [PATCH] abuild-sudo: prevent forging of user name
+
+---
+ abuild-sudo.c | 17 +++++++----------
+ 1 file changed, 7 insertions(+), 10 deletions(-)
+
+diff --git a/abuild-sudo.c b/abuild-sudo.c
+index de8eb94..3afd887 100644
+--- a/abuild-sudo.c
++++ b/abuild-sudo.c
+@@ -77,22 +77,19 @@ int main(int argc, const char *argv[])
+ if (grent == NULL)
+ errx(1, "%s: Group not found", ABUILD_GROUP);
+
+- char *name = getlogin();
+- if (name == NULL) {
+- pw = getpwuid(getuid());
+- if (pw)
+- name = pw->pw_name;
+- }
++ char *name = NULL;
++ pw = getpwuid(getuid());
++ if (pw)
++ name = pw->pw_name;
+
+ if (!is_in_group(grent->gr_gid)) {
+ errx(1, "User %s is not a member of group %s\n",
+ name ? name : "(unknown)", ABUILD_GROUP);
+ }
+- if (name) {
+- setenv("USER", name, 1);
+- } else {
++
++ if (name == NULL)
+ warnx("Could not find username for uid %d\n", getuid());
+- }
++ setenv("USER", name ?: "", 1);
+
+ cmd = strrchr(argv[0], '/');
+ if (cmd)
+--
+2.9.4
+
diff --git a/main/abuild/APKBUILD b/main/abuild/APKBUILD
index 8185f162da..3161bf9805 100644
--- a/main/abuild/APKBUILD
+++ b/main/abuild/APKBUILD
@@ -2,7 +2,7 @@
 pkgname=abuild
 pkgver=3.0.0_rc4
 _ver=${pkgver%_git*}
-pkgrel=1
+pkgrel=2
 pkgdesc="Script to build Alpine Packages"
 url="http://git.alpinelinux.org/cgit/abuild/"
 arch="all"
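Review bot: The return value of `setenv("USER", ...)` near the end of the abuild-sudo.c hunk is not checked, so if the call fails the caller-supplied USER stays in the environment, which is the very value this patch stops trusting; `if (setenv("USER", name ? name : "", 1) != 0) err(1, "setenv");` closes that gap. When `getpwuid(getuid())` returns NULL the code only calls `warnx` and carries on with an empty USER. How the command run afterwards treats an empty name is not visible here, so for a package declared with `options="suid ..."` exiting via `errx` in that branch is probably the safer default. `name ?: ""` is a GNU extension, whereas the `errx` call a few lines up spells the same test portably as `name ? name : "(unknown)"`. main() starts before and continues after this hunk, so the later use of USER could not be checked.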
@@ -22,6 +22,7 @@ options="suid !check" pkggroups="abuild" source="http://dev.alpinelinux.org/archive/abuild/abuild-$_ver.tar.xz 0001-abuild-add-sanitycheck-for-secfixes-comment.patch + 0001-abuild-sudo-prevent-forging-of-user-name.patch " builddir="$srcdir/$pkgname-$_ver" @@ -69,4 +70,5 @@ _rootbld() { } sha512sums="e3b3827b7c3ebdc5d8ab39b1fc514a3cc0ed75a6d5ebc86c9d986441a7a16c1a3aa11f9840c35aa7f000a593421fdc9804b3608d7247f0b4686ba48cc898846a abuild-3.0.0_rc4.tar.xz -94cdfba2c185e96d3a631b36f5b438fd95f90a73b06cbb4afa7864454e05b7c91f6e7a905d7ec73e39fdcf2ab050a7ca59129621dabb39bdc0e2bf2ba38871a0 0001-abuild-add-sanitycheck-for-secfixes-comment.patch" +94cdfba2c185e96d3a631b36f5b438fd95f90a73b06cbb4afa7864454e05b7c91f6e7a905d7ec73e39fdcf2ab050a7ca59129621dabb39bdc0e2bf2ba38871a0 0001-abuild-add-sanitycheck-for-secfixes-comment.patch +3b69a3ee4b07d2e7567408d24f41af4076a2a2948ccf2cacf7b6f1f964edf425c8cf49536e2e42c0eac16681d92daea96c10c41a797459a9aba9845d20a841fb 0001-abuild-sudo-prevent-forging-of-user-name.patch" |