diff options
| author | dougb <dougb@FreeBSD.org> | 2001-09-25 07:08:47 +0000 |
|---|---|---|
| committer | dougb <dougb@FreeBSD.org> | 2001-09-25 07:08:47 +0000 |
| commit | 97852d550797f153d62e67632e69f777926702c5 (patch) | |
| tree | cf67509dc9554c6a56f6b516bce7a5da69229537 | |
| parent | 819f0aa1c928d1826aac0212c6655639b8382beb (diff) | |
| download | FreeBSD-ports-97852d550797f153d62e67632e69f777926702c5.zip FreeBSD-ports-97852d550797f153d62e67632e69f777926702c5.tar.gz | |
This patch comes from the ht://Dig maintainers, and fixes a possible
security vulnerability. Quoting from their e-mail announcement:
There is a security vulnerability in all versions of
htsearch between 3.1.0b2 and 3.1.5 . . . The hole can
allow a remote user to pick a file on your system for
the config file that the UID running the webserver
can read.
With a default ports install the httpd user should be nobody, which
makes the vulnerability small.
| -rw-r--r-- | textproc/htdig/files/patch-htsearch_cc | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/textproc/htdig/files/patch-htsearch_cc b/textproc/htdig/files/patch-htsearch_cc new file mode 100644 index 0000000..5a92dba --- /dev/null +++ b/textproc/htdig/files/patch-htsearch_cc @@ -0,0 +1,24 @@ +--- htsearch/htsearch.cc.Dist Thu Feb 24 18:29:11 2000 ++++ htsearch/htsearch.cc Mon Sep 24 23:57:28 2001 +@@ -77,9 +77,18 @@ + switch (c) + { + case 'c': +- configFile = optarg; +- override_config=1; +- break; ++ // The default is obviously to do this securely ++ // but if people want to shoot themselves in the foot... ++#ifndef ALLOW_INSECURE_CGI_CONFIG ++ if (!getenv("REQUEST_METHOD")) ++ { ++#endif ++ configFile = optarg; ++ override_config=1; ++#ifndef ALLOW_INSECURE_CGI_CONFIG ++ } ++#endif ++ break; + case 'v': + debug++; + break; |
