Add security patch from the FreeBSD ports collection:

Drop setgid kmem privs before executing external programs. Reported by: Christer Oberg <christer.oberg@gmx.net> Bump the package revision to 3.
author: tron <tron> 2002-09-18 10:40:12 +0000
committer: tron <tron> 2002-09-18 10:40:12 +0000
commit: 56ced99d9150c1856ae7daf40ef5426527263341 (patch)
tree: 4bc0a82c2669065f54bb6ecf5a3d712ccd3bd05a /net/wmnet/patches
parent: 4b8f90448c73599f04aacfc7327f33e6b1abb899 (diff)
download: pkgsrc-56ced99d9150c1856ae7daf40ef5426527263341.tar.gz
1 files changed, 9 insertions, 1 deletions
diff --git a/net/wmnet/patches/patch-ad b/net/wmnet/patches/patch-ad
index ca99652c2c5..45c5fe2efa0 100644
--- a/net/wmnet/patches/patch-ad
+++ b/net/wmnet/patches/patch-ad
@@ -1,4 +1,4 @@
-$NetBSD: patch-ad,v 1.3 2002/07/18 12:57:58 seb Exp $
+$NetBSD: patch-ad,v 1.4 2002/09/18 10:40:13 tron Exp $
 
 --- wmnet.c.orig	Fri May  5 03:01:14 2000
 +++ wmnet.c	Mon Jul  8 16:52:30 2002
@@ -181,3 +181,11 @@ $NetBSD: patch-ad,v 1.3 2002/07/18 12:57:58 seb Exp $
  		XFillRectangle(dpy, *visible_window, graphics_context, 4, 5, 37, 9);
  	}
  	if (rate < .1) {
+@@ -732,6 +732,7 @@
+ 			case ButtonPress:
+ 				if(event.xbutton.button == Button1 && click_command != NULL) {
+ 					if (fork() == 0) {
++						setgid(getgid());
+ 						execl("/bin/sh", "sh", "-c", click_command, NULL);
+ 						perror("wmnet: execl()");
+ 						exit(15);
author	tron <tron>	2002-09-18 10:40:12 +0000
committer	tron <tron>	2002-09-18 10:40:12 +0000
commit	56ced99d9150c1856ae7daf40ef5426527263341 (patch)
tree	4bc0a82c2669065f54bb6ecf5a3d712ccd3bd05a /net/wmnet/patches
parent	4b8f90448c73599f04aacfc7327f33e6b1abb899 (diff)
download	pkgsrc-56ced99d9150c1856ae7daf40ef5426527263341.tar.gz