#
# Copyright 2007 Sun Microsystems, Inc. All rights reserved.
#
# Permission is hereby granted, free of charge, to any person obtaining a
# copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, and/or sell copies of the Software, and to permit persons
# to whom the Software is furnished to do so, provided that the above
# copyright notice(s) and this permission notice appear in all copies of
# the Software and that both the above copyright notice(s) and this
# permission notice appear in supporting documentation.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
# OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
# HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
# INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
# FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
#
# Except as contained in this notice, the name of a copyright holder
# shall not be used in advertising or otherwise to promote the sale, use
# or other dealings in this Software without prior written authorization
# of the copyright holder.
#
# @(#)setuid.patch 1.3 08/03/24 SMI
#
Additional security checks for setuid programs that X.Org upstream doesn't
have yet.
--- src/RdFToI.c 2006-10-11 15:31:40.000000000 -0700
+++ src/RdFToI.c 2006-10-03 16:34:35.553330000 -0700
@@ -154,7 +154,15 @@
goto err;
if ( 0 == pid )
{
- execlp(cmd, cmd, arg1, (char *)NULL);
+/* #ifdef SUNSOFT */
+ closefrom(3);
+ if (issetugid()) {
+ char commandpath[32] = "/usr/bin/";
+ strlcat(commandpath, cmd, sizeof(commandpath));
+ execl(commandpath, cmd, arg1, NULL);
+ } else
+/* #endif */
+ execlp(cmd, cmd, arg1, NULL);
perror(cmd);
goto err;
}