~ubuntu-branches/ubuntu/vivid/nethack/vivid

Viewing changes to debian/patches/02_SECURITY_recover_secure.dpatch

Committer: Bazaar Package Importer
Author(s): Joshua Kwan
Date: 2004-04-28 22:20:28 UTC
Revision ID: james.westby@ubuntu.com-20040428222028-ir8ahbbxi1jcot2d

Tags: 3.4.3-5

http://bugs.debian.org/248734

http://bugs.debian.org/246265

* Add Catalan translation (Closes: #248734)
* Patch work:
  - 91_enh_menucolors: Fix Pasi Kallinen's email address. pk -> pkalli
  - 19_gnome_ext_events (new): Fix a problem in Gnomehack where mouse click
    events in the extended menu would not be handled (thus a certain
    choice might be chosen, but a different one 'picked' by the code).
    (Closes: #246265)

files added:
debian

debian/README.Debian

debian/changelog

debian/compat

debian/console

debian/console/nethack.sh

debian/console/nethackrc

debian/control

debian/copyright

debian/gnome

debian/gnome/nethack-tty.sh

debian/gnome/nethack.sh

debian/gnome/nethackrc

debian/lisp

debian/lisp/nethack.sh

debian/lisp/nethackrc

debian/nethack-common.config

debian/nethack-common.dirs

debian/nethack-common.docs

debian/nethack-common.init

debian/nethack-common.links

debian/nethack-common.manpages

debian/nethack-common.menu

debian/nethack-common.postinst

debian/nethack-common.postrm

debian/nethack-common.templates

debian/nethack-console.dirs

debian/nethack-console.links

debian/nethack-console.menu

debian/nethack-console.postinst

debian/nethack-console.prerm

debian/nethack-gnome.dirs

debian/nethack-gnome.links

debian/nethack-gnome.menu

debian/nethack-gnome.postinst

debian/nethack-gnome.prerm

debian/nethack-lisp.copyright

debian/nethack-lisp.dirs

debian/nethack-lisp.links

debian/nethack-qt.dirs

debian/nethack-qt.links

debian/nethack-qt.menu

debian/nethack-qt.postinst

debian/nethack-qt.prerm

debian/nethack-x11.dirs

debian/nethack-x11.links

debian/nethack-x11.menu

debian/nethack-x11.postinst

debian/nethack-x11.prerm

debian/nethack.sh

debian/nethack.xpm

debian/nethackrc.tty

debian/overrides

debian/overrides/lintian

debian/overrides/lintian/nethack-common

debian/overrides/lintian/nethack-console

debian/overrides/lintian/nethack-gnome

debian/overrides/lintian/nethack-lisp

debian/overrides/lintian/nethack-qt

debian/overrides/lintian/nethack-x11

debian/patches

debian/patches/00list

debian/patches/01_fix_qt.dpatch

debian/patches/02_SECURITY_recover_secure.dpatch

debian/patches/04_manpage_paths.dpatch

debian/patches/05_makefile_logic.dpatch

debian/patches/06_x11_data.dpatch

debian/patches/08_linux_specifics.dpatch

debian/patches/09_use_gnu_source.dpatch

debian/patches/10_gnome_add_quiver.dpatch

debian/patches/12_lisp_windowing.copyright

debian/patches/12_lisp_windowing.dpatch

debian/patches/13_simple_mail.dpatch

debian/patches/14_common_config.dpatch

debian/patches/15_recover_errormsg.dpatch

debian/patches/16_pixmapdir.dpatch

debian/patches/17_gnome_remove_drop_many.dpatch

debian/patches/18_overridewin.dpatch

debian/patches/19_gnome_ext_events.dpatch

debian/patches/90_enh_hpmon.dpatch

debian/patches/91_enh_menucolors.dpatch

debian/patches/92_enh_paranoid_hit.dpatch

debian/patches/93_enh_dump.dpatch

debian/po

debian/po/POTFILES.in

debian/po/ca.po

debian/po/fr.po

debian/po/templates.pot

debian/qt

debian/qt/nethack-tty.sh

debian/qt/nethack.sh

debian/qt/nethackrc

debian/recover-helper

debian/rules

debian/x11

debian/x11/NetHack.ad

debian/x11/nethack-tty.sh

debian/x11/nethack.sh

debian/x11/nethackrc

Show diffs side-by-side

added added

removed removed

debian/patches/02_SECURITY_recover_secure.dpatch

#! /bin/sh -e

## 02_SECURITY_recover_secure.dpatch by Joshua Kwan <joshk@triplehelix.org>

## All lines beginning with `## DP:' are a description of the patch.

## DP: Make sure the user calling recover owns the file.

if [ $# -ne 1 ]; then

echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"

exit 1

case "$1" in

-patch) patch -f --no-backup-if-mismatch -p1 < $0;;

-unpatch) patch -f --no-backup-if-mismatch -R -p1 < $0;;

echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"

exit 1;;

esac

exit 0

--- nethack-3.4.1.orig/util/recover.c

+++ nethack-3.4.1/util/recover.c

@@ -16,6 +16,12 @@

#include "win32api.h"

#endif

+#ifdef SECURE

+#include <sys/types.h>

+#include <sys/stat.h>

+#include <unistd.h>

+#endif

#ifdef VMS

extern int FDECL(vms_creat, (const char *,unsigned));

extern int FDECL(vms_open, (const char *,int,unsigned));

@@ -107,15 +113,23 @@

}

#if defined(SECURE) && !defined(VMS)

if (dir

-# ifdef HACKDIR

+# ifdef VAR_PLAYGROUND

+ && strcmp(dir, VAR_PLAYGROUND)

+# else

+# ifdef HACKDIR

&& strcmp(dir, HACKDIR)

-# endif

+# endif

+# endif /* VAR_PLAYGROUND */

) {

(void) setgid(getgid());

(void) setuid(getuid());

}

#endif /* SECURE && !VMS */

+#ifdef VAR_PLAYGROUND

+ if (!dir) dir = VAR_PLAYGROUND;

+#endif

#ifdef HACKDIR

if (!dir) dir = HACKDIR;

#endif

@@ -158,11 +172,19 @@

#endif

}

+#ifdef SECURE

+static uid_t save_uid = -1;

+#endif

int

open_levelfile(lev)

int lev;

{

int fd;

+#ifdef SECURE

+ struct stat level_stat;

+ uid_t uid;

+#endif

set_levelfile_name(lev);

#if defined(MICRO) || defined(WIN32) || defined(MSDOS)

@@ -170,6 +192,21 @@

#else

fd = open(lock, O_RDONLY, 0);

#endif

+ /* Security check: does the user calling recover own the file? */

+#ifdef SECURE

+ if (fd != -1) {

+ uid = getuid();

+ if (fstat(fd, &level_stat) == -1) {

+ Fprintf(stderr, "No permission to stat level file %s.\n", lock);

+ return -1;

+ }

+ if (uid != 0 && level_stat.st_uid != uid) {

+ Fprintf(stderr, "You are not the owner of level file %s.\n", lock);

+ return -1;

+ }

+ save_uid = level_stat.st_uid;

+ }

100

+#endif

101

return fd;

102

}

103

104

@@ -183,6 +220,13 @@

105

#else

106

fd = creat(savename, FCMASK);

107

#endif

108

109

+#ifdef SECURE

110

+ if (fchown(fd, save_uid, -1) == -1) {

111

+ Fprintf(stderr, "could not chown %s to %i!\n", savename,

112

+ save_uid);

113

+ }

114

+#endif

115

return fd;

116

}

117

Older »