aboutsummaryrefslogtreecommitdiffstats
path: root/sysutils/fuser/files
diff options
context:
space:
mode:
authorstas <stas@FreeBSD.org>2009-12-22 05:49:39 +0800
committerstas <stas@FreeBSD.org>2009-12-22 05:49:39 +0800
commit5bc05604709c819aee02ea4719d30a4ca2ec5f27 (patch)
tree6ec59746dfca26c25a19541a34541272c11a4c5a /sysutils/fuser/files
parentbffafc1acc07a16641e822501351fcb3b2eeb237 (diff)
downloadfreebsd-ports-graphics-5bc05604709c819aee02ea4719d30a4ca2ec5f27.tar.gz
freebsd-ports-graphics-5bc05604709c819aee02ea4719d30a4ca2ec5f27.tar.zst
freebsd-ports-graphics-5bc05604709c819aee02ea4719d30a4ca2ec5f27.zip
- Fix build on HEAD.
- Do not allow the user to send signals to arbitrary processes if setuid binary is used. PR: ports/141852 Submitted by: Denis Barov <dindin@dindin.ru> Security: http://www.freebsd.org/ports/portaudit/4d6076fe-ee7a-11de-9cd0-001a926c7637.html
Diffstat (limited to 'sysutils/fuser/files')
-rw-r--r--sysutils/fuser/files/extra::patch-nfs.c10
-rw-r--r--sysutils/fuser/files/patch-fuser.c35
2 files changed, 45 insertions, 0 deletions
diff --git a/sysutils/fuser/files/extra::patch-nfs.c b/sysutils/fuser/files/extra::patch-nfs.c
new file mode 100644
index 00000000000..f2650881df5
--- /dev/null
+++ b/sysutils/fuser/files/extra::patch-nfs.c
@@ -0,0 +1,10 @@
+--- nfs.c.orig 2009-12-21 13:33:10.000000000 -0800
++++ nfs.c 2009-12-21 13:33:22.000000000 -0800
+@@ -44,7 +44,6 @@
+ #include <sys/mount.h>
+
+ #include <nfs/nfsproto.h>
+-#include <nfs/rpcv2.h>
+ #include <nfsclient/nfs.h>
+ #include <nfsclient/nfsnode.h>
+
diff --git a/sysutils/fuser/files/patch-fuser.c b/sysutils/fuser/files/patch-fuser.c
new file mode 100644
index 00000000000..8f4276146de
--- /dev/null
+++ b/sysutils/fuser/files/patch-fuser.c
@@ -0,0 +1,35 @@
+--- fuser.c.orig 2006-03-14 14:07:08.000000000 +0300
++++ fuser.c 2009-12-21 22:51:33.000000000 +0300
+@@ -608,6 +608,7 @@
+ char *ep;
+ char *kernimg = NULL; /* We are using curr. sys by default */
+ char *mcore = NULL;
++ int retvalue = 0;
+
+ while ((ch = getopt(argc, argv, "C:K:cfkms:u")) != -1)
+ switch(ch) {
+@@ -696,8 +697,13 @@
+ if (ufl != 0) {
+ print_file_info(pinfo->pid, \
+ pinfo->uid, ufl);
+- if ((flags & KFLAG) != 0)
+- (void)kill(pinfo->pid, sig);
++ if ((flags & KFLAG) != 0) {
++ if (geteuid() == getuid() || pinfo->uid == getuid()) {
++ (void)kill(pinfo->pid, sig);
++ } else {
++ retvalue = 1;
++ }
++ }
+ }
+ }
+ (void)fprintf(stderr, "\n");
+@@ -707,7 +713,7 @@
+ SLIST_FREE(&prclist, next, pinfo_free);
+ (void)kvm_close(kd);
+
+- return 0;
++ return retvalue;
+
+ }
+
generated by cgit (git 2.34.1) at 2025-01-28 11:42:47 +0800