Added debian/patches/dyson-privileges.patch

2 files changed, 43 insertions, 0 deletions

diff --git a/debian/patches/dyson-privileges.patch b/debian/patches/dyson-privileges.patch
new file mode 100644
index 0000000..9c237c3
--- /dev/null
+++ b/debian/patches/dyson-privileges.patch
@@ -0,0 +1,42 @@
+Description: cannot reclaim root
+  "Thus, a set-user-ID-root program wishing to temporarily drop root
+   privileges, assume the identity of an unprivileged user, and then regain
+   root privileges afterward cannot use setuid(). You can accomplish this
+   with seteuid(2)."
+  (http://linux.die.net/man/2/setuid)
+
+  "For portability, it is recommended that new non-privileged applications
+   use the seteuid() and setegid() functions instead."
+  (http://pubs.opengroup.org/onlinepubs/009695399/functions/setuid.html)
+Index: lightdm-1.10.3/common/privileges.c
+===================================================================
+--- lightdm-1.10.3.orig/common/privileges.c
++++ lightdm-1.10.3/common/privileges.c
+@@ -23,13 +23,11 @@ privileges_drop (uid_t uid, gid_t gid)
+ #ifdef HAVE_SETRESGID
+     g_assert (setresgid (gid, gid, -1) == 0);
+ #else
+-    g_assert (setgid (gid) == 0);
+     g_assert (setegid (gid) == 0);
+ #endif
+ #ifdef HAVE_SETRESUID
+     g_assert (setresuid (uid, uid, -1) == 0);
+ #else
+-    g_assert (setuid (uid) == 0);
+     g_assert (seteuid (uid) == 0);
+ #endif
+ }
+@@ -40,13 +38,11 @@ privileges_reclaim (void)
+ #ifdef HAVE_SETRESUID
+     g_assert (setresuid (0, 0, -1) == 0);
+ #else
+-    g_assert (setuid (0) == 0);
+     g_assert (seteuid (0) == 0);
+ #endif
+ #ifdef HAVE_SETRESGID
+     g_assert (setresgid (0, 0, -1) == 0);
+ #else
+-    g_assert (setgid (0) == 0);
+     g_assert (setegid (0) == 0);
+ #endif
+ }
diff --git a/debian/patches/series b/debian/patches/series
index 6df7c5d..c51a18e 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -6,3 +6,4 @@
 dyson-LC_IDENTIFICATION.patch
 dyson-cleandist.patch
 dyson-utmp.patch
+dyson-privileges.patch