[med-svn] r17881 - trunk/packages/arb/trunk/debian/patches
Elmar Pruesse
epruesse-guest at moszumanska.debian.org
Thu Aug 28 18:08:04 UTC 2014
Author: epruesse-guest
Date: 2014-08-28 18:08:03 +0000 (Thu, 28 Aug 2014)
New Revision: 17881
Added:
trunk/packages/arb/trunk/debian/patches/20_upstream_r12794__socket_permissions
Modified:
trunk/packages/arb/trunk/debian/patches/series
Log:
fix perms for arb_launcher socket (security issue)
Added: trunk/packages/arb/trunk/debian/patches/20_upstream_r12794__socket_permissions
===================================================================
--- trunk/packages/arb/trunk/debian/patches/20_upstream_r12794__socket_permissions (rev 0)
+++ trunk/packages/arb/trunk/debian/patches/20_upstream_r12794__socket_permissions 2014-08-28 18:08:03 UTC (rev 17881)
@@ -0,0 +1,21 @@
+Index: trunk/SH/arb_launcher
+===================================================================
+--- trunk/SH/arb_launcher (revision 12288)
++++ trunk/SH/arb_launcher (revision 12794)
+@@ -297,5 +297,5 @@
+ trap "rm -f $NAMED_PIPE" EXIT
+
+- { mkfifo $NAMED_PIPE && listen_pipe $NAMED_PIPE ; } || \
++ { mkfifo -m 600 $NAMED_PIPE && listen_pipe $NAMED_PIPE ; } || \
+ { echo "Error creating pipe '$NAMED_PIPE'" ; kill $PARENT_PID ; }
+
+@@ -326,6 +326,7 @@
+
+ get_pipe_name() {
+- local SOCKETDIR=$HOME/.arb_tmp/sockets
+- mkdir -p $SOCKETDIR
++ local SOCKETDIR="$HOME/.arb_tmp/sockets"
++ mkdir -p "$SOCKETDIR"
++ chmod 0700 "$SOCKETDIR"
+ echo "$SOCKETDIR/arb_launcher.$ARB_PID"
+
Modified: trunk/packages/arb/trunk/debian/patches/series
===================================================================
--- trunk/packages/arb/trunk/debian/patches/series 2014-08-28 17:43:03 UTC (rev 17880)
+++ trunk/packages/arb/trunk/debian/patches/series 2014-08-28 18:08:03 UTC (rev 17881)
@@ -1 +1,2 @@
10_upstream_r12793__show_db_load_progress
+20_upstream_r12794__socket_permissions
More information about the debian-med-commit
mailing list