summaryrefslogtreecommitdiff
path: root/misc/kdeutils2
diff options
context:
space:
mode:
authorskrll <skrll>2001-11-10 19:43:33 +0000
committerskrll <skrll>2001-11-10 19:43:33 +0000
commit7a7404044dc1d0d577f462e6dad3ad3824ef532f (patch)
tree1bbc2ebc535c71e679b62a642b69a6875da68d36 /misc/kdeutils2
parentc580f82bb122808e4dd0954a941670cf0429fadf (diff)
downloadpkgsrc-7a7404044dc1d0d577f462e6dad3ad3824ef532f.tar.gz
Don't install efax setuid root.
From the email to kde-announce: The program "efax" which is distributed as part of the klprfax program in the kdeutils module poses a security risk when installed suid. "efax" has been part of KDE 2.2 and KDE 2.2.1 and is installed suid by default. Scope: a local user can gain root privileges by exploiting a bug in "efax". Solution: Remove the suid bit from the "efax" executable. This can be done with the following command: chmod -s `locate bin/efax` "efax" will continue to work as before as long as users have sufficient rights to create lock files in the system lock directory (like /var/lock) and sufficient rights to open the modem device.
Diffstat (limited to 'misc/kdeutils2')
-rw-r--r--misc/kdeutils2/Makefile6
1 files changed, 5 insertions, 1 deletions
diff --git a/misc/kdeutils2/Makefile b/misc/kdeutils2/Makefile
index 54b923312a3..475e78f733a 100644
--- a/misc/kdeutils2/Makefile
+++ b/misc/kdeutils2/Makefile
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.5 2001/10/15 22:45:58 skrll Exp $
+# $NetBSD: Makefile,v 1.6 2001/11/10 19:43:33 skrll Exp $
#
DISTNAME= kdeutils-2.2.1
+PKGNAME= ${DISTNAME}nb1
CATEGORIES= misc kde
.include "../../x11/kde2/Makefile.part1"
COMMENT= Utilities for the KDE integrated X11 desktop
@@ -18,4 +19,7 @@ LIBS= -Wl,--export-dynamic
CPPFLAGS+= -D__NetBSD_APM__
.endif
+post-install:
+ ${CHMOD} -s ${PREFIX}/bin/efax
+
.include "../../mk/bsd.pkg.mk"