summaryrefslogtreecommitdiffstats
path: root/sysutils/screen
diff options
context:
space:
mode:
authorkris <kris@FreeBSD.org>2001-09-04 19:20:42 +0000
committerkris <kris@FreeBSD.org>2001-09-04 19:20:42 +0000
commit9ec5d839c220379ac064559b924720b60717fc89 (patch)
tree7fd664efbb7264ff64ccd45e9eb046c77d98c770 /sysutils/screen
parentf1b30c039a9dfe380e0a710fc183d403aa68e912 (diff)
downloadFreeBSD-ports-9ec5d839c220379ac064559b924720b60717fc89.zip
FreeBSD-ports-9ec5d839c220379ac064559b924720b60717fc89.tar.gz
Patch against a bug which is a local root vulnerability on other platforms,
but which I could not repeat on FreeBSD. It may still be a problem, but it looks like screen was already dropping privilege before the operation in question. Submitted by: Roman Drahtmueller <draht@suse.de>
Diffstat (limited to 'sysutils/screen')
-rw-r--r--sysutils/screen/Makefile1
-rw-r--r--sysutils/screen/files/patch-sec113
2 files changed, 14 insertions, 0 deletions
diff --git a/sysutils/screen/Makefile b/sysutils/screen/Makefile
index d43cfb1..003286f 100644
--- a/sysutils/screen/Makefile
+++ b/sysutils/screen/Makefile
@@ -7,6 +7,7 @@
PORTNAME= screen
PORTVERSION= 3.9.9
+PORTREVISION= 1
CATEGORIES= misc
MASTER_SITES= ftp://ftp.uni-erlangen.de/pub/utilities/screen/ \
${MASTER_SITE_GNU}
diff --git a/sysutils/screen/files/patch-sec1 b/sysutils/screen/files/patch-sec1
new file mode 100644
index 0000000..abeeb0c
--- /dev/null
+++ b/sysutils/screen/files/patch-sec1
@@ -0,0 +1,13 @@
+--- screen.c.orig Fri May 25 16:40:10 2001
++++ screen.c Mon Sep 3 15:48:24 2001
+@@ -1061,6 +1061,10 @@
+ Attacher();
+ /* NOTREACHED */
+ }
++#ifdef MULTIUSER
++ if (multiattach)
++ Panic(0, "Can't create sessions of other users.");
++#endif
+ debug("screen -r: backend not responding -- still crying\n");
+ }
+ else if (dflag && !mflag)
OpenPOWER on IntegriCloud