[prev in list] [next in list] [prev in thread] [next in thread]
List: fedora-extras-commits
Subject: [arpwatch/f16] fix supplementary group list (#825328) (CVE-2012-2653)
From: aledvink <aledvink () fedoraproject ! org>
Date: 2012-05-31 23:33:27
Message-ID: 20120531233327.AB01621A67 () pkgs01 ! phx2 ! fedoraproject ! org
[Download RAW message or body]
commit 3c2b488ea1ca387e954b6f98f4445431022396f1
Author: Ales Ledvinka <aledvink@redhat.com>
Date: Thu May 31 17:57:54 2012 +0200
fix supplementary group list (#825328) (CVE-2012-2653)
arpwatch-2.1a15-dropgroup.patch | 12 ++++++++++++
1 files changed, 12 insertions(+), 0 deletions(-)
---
diff --git a/arpwatch-2.1a15-dropgroup.patch b/arpwatch-2.1a15-dropgroup.patch
new file mode 100644
index 0000000..b6a25f8
--- /dev/null
+++ b/arpwatch-2.1a15-dropgroup.patch
@@ -0,0 +1,12 @@
+diff -up arpwatch-2.1a15/arpwatch.c.dropgroup arpwatch-2.1a15/arpwatch.c
+--- arpwatch-2.1a15/arpwatch.c.dropgroup 2012-05-31 11:47:13.327901902 +0200
++++ arpwatch-2.1a15/arpwatch.c 2012-05-31 11:48:04.859900061 +0200
+@@ -147,7 +147,7 @@ void dropprivileges(const char* user)
+ struct passwd* pw;
+ pw = getpwnam( user );
+ if ( pw ) {
+- if ( initgroups(pw->pw_name, NULL) != 0 || setgid(pw->pw_gid) != 0 ||
++ if ( setgid(pw->pw_gid) != 0 || setgroups(0, NULL) != 0 ||
+ setuid(pw->pw_uid) != 0 ) {
+ syslog(LOG_ERR, "Couldn't change to '%.32s' uid=%d gid=%d", user,
+ pw->pw_uid, pw->pw_gid);
--
scm-commits mailing list
scm-commits@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/scm-commits
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic