--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/trousers/patches/rpc_ps.c.patch Mon May 23 14:58:25 2011 -0700
@@ -0,0 +1,54 @@
+--- src/tcs/rpc/tcstp/rpc_ps.c.orig 2011-03-23 11:01:54.707428173 -0700
++++ src/tcs/rpc/tcstp/rpc_ps.c 2011-03-23 11:27:00.753845441 -0700
+@@ -26,6 +26,29 @@
+ #include "tcs_utils.h"
+ #include "rpc_tcstp_tcs.h"
+
++#ifdef SOLARIS
++#include <ucred.h>
++#include <errno.h>
++
++static TSS_RESULT
++verify_peer(struct tcsd_thread_data *data)
++{
++ ucred_t *uc = NULL;
++ if (getpeerucred(data->sock, &uc)) {
++ LogError("Failed to get peer credential (%s)",
++ strerror(errno));
++ return TCSERR(TSS_E_TSP_AUTHFAIL);
++ }
++ if (ucred_geteuid(uc) != 0) {
++ LogError("Unauthorized attempt to modify a system key",
++ strerror(errno));
++ ucred_free(uc);
++ return TCSERR(TSS_E_TSP_AUTHFAIL);
++ }
++ ucred_free(uc);
++ return (TSS_SUCCESS);
++}
++#endif
+
+ TSS_RESULT
+ tcs_wrap_RegisterKey(struct tcsd_thread_data *data)
+@@ -38,6 +61,10 @@
+ UINT32 cVendorData;
+ BYTE *gbVendorData;
+ TSS_RESULT result;
++#ifdef SOLARIS
++ if ( (result = verify_peer(data)) != TSS_SUCCESS)
++ return (result);
++#endif
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+@@ -99,6 +126,10 @@
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_UUID uuid;
+ TSS_RESULT result;
++#ifdef SOLARIS
++ if ( (result = verify_peer(data)) != TSS_SUCCESS)
++ return (result);
++#endif
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);