[Pkg-cups-devel] r865 - in cupsys/trunk: . debian debian/patches
Martin Pitt
mpitt at alioth.debian.org
Sun Sep 7 07:58:18 UTC 2008
Author: mpitt
Date: Sun Sep 7 07:58:17 2008
New Revision: 865
Log:
rootbackends-worldreadable.dpatch: Do not run backends as root if they are
group or world writable (this is by and large a paranoia fix, though).
Modified:
cupsys/trunk/ (props changed)
cupsys/trunk/debian/changelog
cupsys/trunk/debian/patches/rootbackends-worldreadable.dpatch
Modified: cupsys/trunk/debian/changelog
==============================================================================
--- cupsys/trunk/debian/changelog (original)
+++ cupsys/trunk/debian/changelog Sun Sep 7 07:58:17 2008
@@ -1,3 +1,10 @@
+cups (1.3.8-10) UNRELEASED; urgency=low
+
+ * rootbackends-worldreadable.dpatch: Do not run backends as root if they are
+ group or world writable (this is by and large a paranoia fix, though).
+
+ -- Martin Pitt <mpitt at debian.org> Sun, 07 Sep 2008 09:57:28 +0200
+
cups (1.3.8-9) experimental; urgency=low
* Previous upload had some cruft in the diff.gz which caused some changed
Modified: cupsys/trunk/debian/patches/rootbackends-worldreadable.dpatch
==============================================================================
--- cupsys/trunk/debian/patches/rootbackends-worldreadable.dpatch (original)
+++ cupsys/trunk/debian/patches/rootbackends-worldreadable.dpatch Sun Sep 7 07:58:17 2008
@@ -27,7 +27,7 @@
backroot = 0;
else
- backroot = !(backinfo.st_mode & (S_IRWXG | S_IRWXO));
-+ backroot = !(backinfo.st_mode & (S_IXGRP | S_IXOTH));
++ backroot = !(backinfo.st_mode & (S_IWGRP | S_IXGRP | S_IWOTH | S_IXOTH));
argv[0] = sani_uri;
More information about the Pkg-cups-devel
mailing list