Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 145228 Details for
Bug 210372
sys-apps/portage-2.1.4.4 suidctl broken
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
fix broken path handling
suidctl.patch (text/plain), 1.83 KB, created by
Zac Medico
on 2008-03-03 19:26:03 UTC
(
hide
)
Description:
fix broken path handling
Filename:
MIME Type:
Creator:
Zac Medico
Created:
2008-03-03 19:26:03 UTC
Size:
1.83 KB
patch
obsolete
>Index: bin/misc-functions.sh >=================================================================== >--- bin/misc-functions.sh (revision 9355) >+++ bin/misc-functions.sh (revision 9423) >@@ -490,27 +490,28 @@ > fi > # total suid control. > if hasq suidctl $FEATURES; then >+ local sfconf > sfconf=${PORTAGE_CONFIGROOT}etc/portage/suidctl.conf >+ # sandbox prevents us from writing directly >+ # to files outside of the sandbox, but this >+ # can easly be bypassed using the addwrite() function >+ addwrite "${sfconf}" > vecho ">>> Performing suid scan in ${D}" > for i in $(find "${D}" -type f \( -perm -4000 -o -perm -2000 \) ); do > if [ -s "${sfconf}" ]; then >- suid="$(grep "^/${i#${D}}$" "${sfconf}")" >- if [ "${suid}" = "${i/${D}}" ]; then >- vecho "- ${i/${D}} is an approved suid file" >+ install_path=/${i#${D}} >+ if grep -q "^${install_path}\$" "${sfconf}" ; then >+ vecho "- ${install_path} is an approved suid file" > else >- vecho ">>> Removing sbit on non registered ${i/${D}}" >+ vecho ">>> Removing sbit on non registered ${install_path}" > for x in 5 4 3 2 1 0; do echo -ne "\a"; sleep 0.25 ; done > vecho -ne "\a" > ls_ret=$(ls -ldh "${i}") > chmod ugo-s "${i}" >- grep "^#${i/${D}}$" "${sfconf}" > /dev/null || { >- # sandbox prevents us from writing directly >- # to files outside of the sandbox, but this >- # can easly be bypassed using the addwrite() function >- addwrite "${sfconf}" >+ grep "^#${install_path}$" "${sfconf}" > /dev/null || { > vecho ">>> Appending commented out entry to ${sfconf} for ${PF}" >- echo "## ${ls_ret%${D}*}${ls_ret#*${D}}" >> "${sfconf}" >- echo "#${i/${D}}" >> "${sfconf}" >+ echo "## ${ls_ret%${D}*}${install_path}" >> "${sfconf}" >+ echo "#${install_path}" >> "${sfconf}" > # no delwrite() eh? > # delwrite ${sconf} > }
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=145228">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 210372
:
143935
| 145228
