[Pkg-cups-devel] r317 - in cupsys/branches/cups-1.2/debian: .
Martin Pitt
mpitt at costa.debian.org
Mon Jul 24 07:54:16 UTC 2006
Author: mpitt
Date: Mon Jul 24 07:54:16 2006
New Revision: 317
Modified:
cupsys/branches/cups-1.2/debian/changelog
cupsys/branches/cups-1.2/debian/patches/09_runasuser.dpatch
Log:
* debian/patches/09_runasuser.dpatch: Do not drop additional group
privileges in scheduler/process.c. This should fix a range of bugs
concerning detection of parallel port printers and other 'permission
denied' bugs if privilege dropping is enabled (it is disabled by default in
Debian).
Modified: cupsys/branches/cups-1.2/debian/changelog
==============================================================================
--- cupsys/branches/cups-1.2/debian/changelog (original)
+++ cupsys/branches/cups-1.2/debian/changelog Mon Jul 24 07:54:16 2006
@@ -11,8 +11,13 @@
'ppdev' module to fix the name and model detection of parallel printers on
newer kernels.
* Revive debian/patches/56_dirsvc.dpatch; it's still not fixed upstream.
+ * debian/patches/09_runasuser.dpatch: Do not drop additional group
+ privileges in scheduler/process.c. This should fix a range of bugs
+ concerning detection of parallel port printers and other 'permission
+ denied' bugs if privilege dropping is enabled (it is disabled by default in
+ Debian).
- -- Kenshi Muto <kmuto at debian.org> Mon, 24 Jul 2006 09:46:32 +0200
+ -- Kenshi Muto <kmuto at debian.org> Mon, 24 Jul 2006 09:53:51 +0200
cupsys (1.2.1-4) unstable; urgency=medium
Modified: cupsys/branches/cups-1.2/debian/patches/09_runasuser.dpatch
==============================================================================
--- cupsys/branches/cups-1.2/debian/patches/09_runasuser.dpatch (original)
+++ cupsys/branches/cups-1.2/debian/patches/09_runasuser.dpatch Mon Jul 24 07:54:16 2006
@@ -111,3 +111,22 @@
{
/*
* Update the root certificate...
+diff -urNad cups-1.2-ubuntu~/scheduler/process.c cups-1.2-ubuntu/scheduler/process.c
+--- cups-1.2-ubuntu~/scheduler/process.c 2006-04-06 22:32:07.000000000 +0200
++++ cups-1.2-ubuntu/scheduler/process.c 2006-04-24 19:16:09.000000000 +0200
+@@ -245,15 +245,6 @@
+ if (setuid(User))
+ exit(errno);
+ }
+- else
+- {
+- /*
+- * Reset group membership to just the main one we belong to.
+- */
+-
+- setgid(Group);
+- setgroups(1, &Group);
+- }
+
+ /*
+ * Change umask to restrict permissions on created files...
More information about the Pkg-cups-devel
mailing list