[Pkg-cups-devel] r317 - in cupsys/branches/cups-1.2/debian: .

[Martin Pitt]

Author: mpitt
Date: Mon Jul 24 07:54:16 2006
New Revision: 317

Modified:
   cupsys/branches/cups-1.2/debian/changelog
   cupsys/branches/cups-1.2/debian/patches/09_runasuser.dpatch

Log:
* debian/patches/09_runasuser.dpatch: Do not drop additional group
  privileges in scheduler/process.c. This should fix a range of bugs
  concerning detection of parallel port printers and other 'permission
  denied' bugs if privilege dropping is enabled (it is disabled by default in
  Debian).

Modified: cupsys/branches/cups-1.2/debian/changelog
==============================================================================
--- cupsys/branches/cups-1.2/debian/changelog	(original)
+++ cupsys/branches/cups-1.2/debian/changelog	Mon Jul 24 07:54:16 2006
@@ -11,8 +11,13 @@
     'ppdev' module to fix the name and model detection of parallel printers on
     newer kernels.
   * Revive debian/patches/56_dirsvc.dpatch; it's still not fixed upstream.
+  * debian/patches/09_runasuser.dpatch: Do not drop additional group
+    privileges in scheduler/process.c. This should fix a range of bugs
+    concerning detection of parallel port printers and other 'permission
+    denied' bugs if privilege dropping is enabled (it is disabled by default in
+    Debian).
 
- -- Kenshi Muto <kmuto at debian.org>  Mon, 24 Jul 2006 09:46:32 +0200
+ -- Kenshi Muto <kmuto at debian.org>  Mon, 24 Jul 2006 09:53:51 +0200
 
 cupsys (1.2.1-4) unstable; urgency=medium
 

Modified: cupsys/branches/cups-1.2/debian/patches/09_runasuser.dpatch
==============================================================================
--- cupsys/branches/cups-1.2/debian/patches/09_runasuser.dpatch	(original)
+++ cupsys/branches/cups-1.2/debian/patches/09_runasuser.dpatch	Mon Jul 24 07:54:16 2006
@@ -111,3 +111,22 @@
      {
       /*
        * Update the root certificate...
+diff -urNad cups-1.2-ubuntu~/scheduler/process.c cups-1.2-ubuntu/scheduler/process.c
+--- cups-1.2-ubuntu~/scheduler/process.c	2006-04-06 22:32:07.000000000 +0200
++++ cups-1.2-ubuntu/scheduler/process.c	2006-04-24 19:16:09.000000000 +0200
+@@ -245,15 +245,6 @@
+       if (setuid(User))
+         exit(errno);
+     }
+-    else
+-    {
+-     /*
+-      * Reset group membership to just the main one we belong to.
+-      */
+-
+-      setgid(Group);
+-      setgroups(1, &Group);
+-    }
+ 
+    /*
+     * Change umask to restrict permissions on created files...