summaryrefslogtreecommitdiff
path: root/wm
diff options
context:
space:
mode:
authoratatat <atatat@pkgsrc.org>2003-02-12 00:47:52 +0000
committeratatat <atatat@pkgsrc.org>2003-02-12 00:47:52 +0000
commit3e4aff075b357112f899cd94a4fd0deee7a0407f (patch)
tree6bc3a8df63ef19bad53bcc79304364569be3adc9 /wm
parentdbf78792e5fd24e20fbfc6cf01a746e8601d08b0 (diff)
downloadpkgsrc-3e4aff075b357112f899cd94a4fd0deee7a0407f.tar.gz
Re-open /dev/null on the (now) closed stdin file descriptor. The
fvwm2 changelog says they did this to make gmplayer realize it was not running interactively (ie, its stdin was not a tty), but that means that all things get executed with stdin closed. That's not a very good security posture. Some things can get confused or do wrong things if stdin is closed when they start.
Diffstat (limited to 'wm')
-rw-r--r--wm/fvwm2/Makefile3
-rw-r--r--wm/fvwm2/distinfo3
-rw-r--r--wm/fvwm2/patches/patch-ac27
3 files changed, 31 insertions, 2 deletions
diff --git a/wm/fvwm2/Makefile b/wm/fvwm2/Makefile
index 34e1800c1db..8d039e262eb 100644
--- a/wm/fvwm2/Makefile
+++ b/wm/fvwm2/Makefile
@@ -1,9 +1,10 @@
-# $NetBSD: Makefile,v 1.29 2003/01/26 13:13:54 martti Exp $
+# $NetBSD: Makefile,v 1.30 2003/02/12 00:47:52 atatat Exp $
# FreeBSD Id: Makefile,v 1.12 1997/10/11 10:42:43 jkh Exp
#
DISTNAME= fvwm-${FVWM_VER}
PKGNAME= fvwm2-${FVWM_VER}
+PKGREVISION= 2
CATEGORIES= x11 wm
MASTER_SITES= ftp://ftp.fvwm.org/pub/fvwm/version-2/ \
http://www.fvwm.org/generated/icon_download/ \
diff --git a/wm/fvwm2/distinfo b/wm/fvwm2/distinfo
index f0127c0cd7a..6186fdd1105 100644
--- a/wm/fvwm2/distinfo
+++ b/wm/fvwm2/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.18 2003/01/26 13:13:54 martti Exp $
+$NetBSD: distinfo,v 1.19 2003/02/12 00:47:52 atatat Exp $
SHA1 (fvwm-2.4.15.tar.gz) = 1b022b8c199ba4f3596aa1866b1181e6fc8f1f38
Size (fvwm-2.4.15.tar.gz) = 1778746 bytes
@@ -6,3 +6,4 @@ SHA1 (fvwm_icons.tgz) = d6ee1e52f1a84c4edd722ccee0f7e9cc79cc2a4b
Size (fvwm_icons.tgz) = 363406 bytes
SHA1 (patch-aa) = 31533662f175f9958eed78b8d181c0b71296c6de
SHA1 (patch-ab) = abbd63336b9aaf67a9fa9bbe4f49c1d7234c23d9
+SHA1 (patch-ac) = 714a3311683ce472cfbd60a052a02ec957ecfadb
diff --git a/wm/fvwm2/patches/patch-ac b/wm/fvwm2/patches/patch-ac
new file mode 100644
index 00000000000..87d9159adeb
--- /dev/null
+++ b/wm/fvwm2/patches/patch-ac
@@ -0,0 +1,27 @@
+$NetBSD: patch-ac,v 1.1 2003/02/12 00:47:53 atatat Exp $
+
+Re-open /dev/null on the (now) closed stdin file descriptor. The
+fvwm2 changelog says they did this to make gmplayer realize it was
+not running interactively (ie, its stdin was not a tty), but that
+means that all things get executed with stdin closed. That's not a
+very good security posture. Some things can get confused or do
+wrong things if stdin is closed when they start.
+
+--- fvwm/builtins.c.orig 2003-01-16 07:58:58.000000000 -0500
++++ fvwm/builtins.c
+@@ -23,6 +23,7 @@
+
+ #include "config.h"
+
++#include <fcntl.h>
+ #include <stdio.h>
+ #include <signal.h>
+ #include <errno.h>
+@@ -784,6 +785,7 @@ void CMD_Exec(F_CMD_ARGS)
+ {
+ /* close stdin so the exec'd process knows its not interactive */
+ close(0);
++ open("/dev/null", O_RDWR);
+ if (execl(exec_shell_name, exec_shell_name, "-c", cmd, NULL)==-1)
+ {
+ fvwm_msg(ERR,"exec_function","execl failed (%s)",strerror(errno));