~ubuntu-branches/ubuntu/natty/openbsd-inetd/natty

Viewing changes to debian/patches/discard_env

Committer: Bazaar Package Importer
Author(s): Marco d'Itri
Date: 2008-12-15 02:00:52 UTC
mfrom: (4.1.1 intrepid)
Revision ID: james.westby@ubuntu.com-20081215020052-gwpkva043fq6nb1s

Tags: 0.20080125-2

http://bugs.debian.org/484483

http://bugs.debian.org/507119

* Added dh_md5sums to debian/rules, since apparently people nowadays
  believe again that it is a good idea. (Closes: #484483)
* Fixed the init script to povide "openbsd-inetd" instead of "inetd".
  (Closes: #507119)
* Updated patches misc_portability and setproctitle with some missing
  prototypes.
* Updated patch misc_portability with missing arguments to two syslog(3)
  calls.
* Updated patch libwrap to fix a possibly uninitialized variable.
  The last three fixes are courtesy of Denis Zaitsev.

Show diffs side-by-side

added added

removed removed

debian/patches/discard_env

--- a/inetd.c

+++ b/inetd.c

@@ -301,6 +301,7 @@ int bump_nofile(void);

struct servtab *enter(struct servtab *);

int matchconf(struct servtab *, struct servtab *);

int dg_broadcast(struct in_addr *in);

+void discard_stupid_environment(void);

#define NUMINT (sizeof(intab) / sizeof(struct inent))

char *CONFIG = _PATH_INETDCONF;

@@ -333,6 +334,7 @@ main(int argc, char *argv[], char *envp[

{

fd_set *fdsrp = NULL;

int readablen = 0, ch;

+ int keepenv = 0;

struct servtab *sep;

extern char *optarg;

extern int optind;

@@ -342,11 +344,14 @@ main(int argc, char *argv[], char *envp[

initsetproctitle(argc, argv, envp);

- while ((ch = getopt(argc, argv, "dR:")) != -1)

+ while ((ch = getopt(argc, argv, "dER:")) != -1)

switch (ch) {

case 'd':

debug = 1;

break;

+ case 'E':

+ keepenv = 1;

+ break;

case 'R': { /* invocation rate */

char *p;

int val;

@@ -364,13 +369,17 @@ main(int argc, char *argv[], char *envp[

case '?':

default:

fprintf(stderr,

- "usage: %s [-d] [-R rate] [configuration file]\n",

+ "usage: %s [-dE] [-R rate] [configuration file]\n",

progname);

exit(1);

}

argc -= optind;

argv += optind;

+ /* This must be called _after_ initsetproctitle and arg parsing */

+ if (!keepenv)

+ discard_stupid_environment();

uid = getuid();

if (uid != 0)

CONFIG = NULL;

@@ -2071,3 +2080,45 @@ spawn(struct servtab *sep, int ctrl)

if (!sep->se_wait && sep->se_socktype == SOCK_STREAM)

close(ctrl);

}

+/* from netkit+USAGI */

+void

+discard_stupid_environment(void)

+ static const char *const junk[] = {

+ /* these are prefixes */

+ "CVS",

+ "DISPLAY=",

+ "EDITOR=",

+ "GROUP=",

+ "HOME=",

+ "IFS=",

+ "LD_",

+ "LOGNAME=",

+ "MAIL=",

+ "PATH=",

+ "PRINTER=",

+ "PWD=",

+ "SHELL=",

+ "SHLVL=",

+ "SSH",

+ "TERM",

+ "TMP",

+ "USER=",

+ "VISUAL=",

+ NULL

+ };

+ int i, k = 0;

+ for (i = 0; __environ[i]; i++) {

+ int found = 0, j;

+ for (j = 0; junk[j]; j++)

+ if (!strncmp(__environ[i], junk[j], strlen(junk[j])))

+ found = 1;

+ if (!found)

+ __environ[k++] = __environ[i];

+ }

+ __environ[k] = NULL;

100

--- a/inetd.8

101

+++ b/inetd.8

102

@@ -38,6 +38,7 @@

103

.Sh SYNOPSIS

104

.Nm inetd

105

.Op Fl d

106

+.Op Fl E

107

.Op Fl R Ar rate

108

.Op Ar configuration file

109

.Sh DESCRIPTION

110

@@ -62,6 +63,13 @@ The options are as follows:

111

.Bl -tag -width Ds

112

.It Fl d

113

Turns on debugging.

114

+.It Fl E

115

+Prevents

116

+.Nm inetd

117

+from laundering the environment. Without this option a selection of

118

+potentially harmful environent variables, including

119

+.Pa PATH ,

120

+will be removed and not inherited by services.

121

.It Fl R Ar rate

122

Specify the maximum number of times a service can be invoked

123

in one minute; the default is 256.

Older »