aboutsummaryrefslogtreecommitdiffstats
path: root/misc
diff options
context:
space:
mode:
authorkris <kris@FreeBSD.org>2001-09-05 03:20:42 +0800
committerkris <kris@FreeBSD.org>2001-09-05 03:20:42 +0800
commit9ec5d839c220379ac064559b924720b60717fc89 (patch)
tree7fd664efbb7264ff64ccd45e9eb046c77d98c770 /misc
parentf1b30c039a9dfe380e0a710fc183d403aa68e912 (diff)
downloadfreebsd-ports-gnome-9ec5d839c220379ac064559b924720b60717fc89.tar.gz
freebsd-ports-gnome-9ec5d839c220379ac064559b924720b60717fc89.tar.zst
freebsd-ports-gnome-9ec5d839c220379ac064559b924720b60717fc89.zip
Patch against a bug which is a local root vulnerability on other platforms,
but which I could not repeat on FreeBSD. It may still be a problem, but it looks like screen was already dropping privilege before the operation in question. Submitted by: Roman Drahtmueller <draht@suse.de>
Diffstat (limited to 'misc')
-rw-r--r--misc/screen/Makefile1
-rw-r--r--misc/screen/files/patch-sec113
2 files changed, 14 insertions, 0 deletions
diff --git a/misc/screen/Makefile b/misc/screen/Makefile
index d43cfb135d83..003286f401ca 100644
--- a/misc/screen/Makefile
+++ b/misc/screen/Makefile
@@ -7,6 +7,7 @@
PORTNAME= screen
PORTVERSION= 3.9.9
+PORTREVISION= 1
CATEGORIES= misc
MASTER_SITES= ftp://ftp.uni-erlangen.de/pub/utilities/screen/ \
${MASTER_SITE_GNU}
diff --git a/misc/screen/files/patch-sec1 b/misc/screen/files/patch-sec1
new file mode 100644
index 000000000000..abeeb0c48b68
--- /dev/null
+++ b/misc/screen/files/patch-sec1
@@ -0,0 +1,13 @@
+--- screen.c.orig Fri May 25 16:40:10 2001
++++ screen.c Mon Sep 3 15:48:24 2001
+@@ -1061,6 +1061,10 @@
+ Attacher();
+ /* NOTREACHED */
+ }
++#ifdef MULTIUSER
++ if (multiattach)
++ Panic(0, "Can't create sessions of other users.");
++#endif
+ debug("screen -r: backend not responding -- still crying\n");
+ }
+ else if (dflag && !mflag)