patches/maildrop-01-cve-2010-0301.diff
author trisk
Fri, 05 Feb 2010 05:49:31 +0000
changeset 2340 7f12c218519a
permissions -rw-r--r--
2010-02-05 Albert Lee <[email protected]> * SFEgcc.spec: Fix bootstrap compiler flags * SFEmaildrop.spec: Add patch1 for CVE-2010-0301. Drop setuid root. * patches/maildrop-01-cve-2010-0301.diff: Fix GID when run as root.

--- ../old/maildrop-2.2.0/maildrop/main.C	2008-05-08 17:38:46.000000000 +0200
+++ maildrop-2.2.0/maildrop/main.C	2010-01-28 20:23:35.000000000 +0100
@@ -471,6 +471,10 @@
 					nouser();
 #if	RESET_GID
 				setgroupid(my_pw->pw_gid);
+#else
+                                // Only change it if we're root
+                                if (geteuid() == 0)
+                                        setgroupid(getegid());
 #endif
 				setuid(my_pw->pw_uid);
 				if (getuid() != my_pw->pw_uid)
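Review bot: The new `#else` branch never verifies that the group change took effect, whereas the `setuid()` two lines below is immediately checked with `getuid() != my_pw->pw_uid`; if `setgroupid()` fails silently the process continues with the root group (and, presumably, root's supplementary groups — `setgroupid()`'s definition is not in the hunk, so confirm what it resets). Mirror the uid check, e.g. `if (setgroupid(getegid()) != 0 || getgid() != getegid())` followed by the same failure path the uid mismatch takes, adjusting the first clause to whatever `setgroupid()` actually returns. A comment stating why the call is needed would also help future readers: `// Running as root: drop root's supplementary groups before setuid (CVE-2010-0301)`. As a style point, the added lines are indented with spaces while the surrounding code uses tabs. The enclosing function starts and ends outside this hunk.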