diff options
| author | drochner <drochner> | 2009-02-04 21:20:39 +0000 |
|---|---|---|
| committer | drochner <drochner> | 2009-02-04 21:20:39 +0000 |
| commit | 772f60945885fc919a26dacbfa5b5b9070c7924c (patch) | |
| tree | 3ee79e717908c65966c034b0a72681074948b06a /www/privoxy/patches | |
| parent | 9a271e287e860d1bb9af8ed9eb46ee8872b44a4f (diff) | |
| download | pkgsrc-772f60945885fc919a26dacbfa5b5b9070c7924c.tar.gz | |
give up supplementary group memberships on uid/gid switch, fixes
unexpected privileges reported in PR pkg/40532 by Cem Kayali,
the issue is being discussed with upstream,
thanks to Cem for detailed reports,
also back out explicit passing of PRIVOXY_GROUP to the program --
while it does not hurt it is redundant because PRIVOXY_GROUP is already
the primary group of PRIVOXY_USER
Diffstat (limited to 'www/privoxy/patches')
| -rw-r--r-- | www/privoxy/patches/patch-af | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/www/privoxy/patches/patch-af b/www/privoxy/patches/patch-af new file mode 100644 index 00000000000..88c7fa30a83 --- /dev/null +++ b/www/privoxy/patches/patch-af @@ -0,0 +1,15 @@ +$NetBSD: patch-af,v 1.1 2009/02/04 21:20:39 drochner Exp $ + +--- ./jcc.c.orig 2007-12-16 19:32:46.000000000 +0100 ++++ ./jcc.c +@@ -3299,6 +3299,10 @@ int main(int argc, const char *argv[]) + { + log_error(LOG_LEVEL_FATAL, "Cannot setgid(): Insufficient permissions."); + } ++ if (grp) ++ setgroups(1, &grp->gr_gid); ++ else ++ initgroups(pw->pw_name, pw->pw_gid); + if (do_chroot) + { + if (!pw->pw_dir) |