From owner-freebsd-ports Thu Dec 16 11:10: 7 1999 Delivered-To: freebsd-ports@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id E799414E55 for ; Thu, 16 Dec 1999 11:10:01 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id LAA24284; Thu, 16 Dec 1999 11:10:01 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from anarcat.dyndns.org (phobos.IRO.UMontreal.CA [132.204.20.20]) by hub.freebsd.org (Postfix) with ESMTP id 165E914D66 for ; Thu, 16 Dec 1999 11:06:49 -0800 (PST) (envelope-from spidey@anarcat.dyndns.org) Received: by anarcat.dyndns.org (Postfix, from userid 1000) id 2700E198A; Thu, 16 Dec 1999 14:06:31 -0500 (EST) Message-Id: <19991216190631.2700E198A@anarcat.dyndns.org> Date: Thu, 16 Dec 1999 14:06:31 -0500 (EST) From: beaupran@iro.umontreal.ca Reply-To: beaupran@iro.umontreal.ca To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: ports/15518: Patch to make xsoldier setgid games instead of setuid root Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 15518 >Category: ports >Synopsis: Patch to make xsoldier setgid games instead of setuid root >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu Dec 16 11:10:01 PST 1999 >Closed-Date: >Last-Modified: >Originator: AnarCat >Release: FreeBSD 3.3-STABLE i386 >Organization: >Environment: Any FreeBSD box with a recent port collection >Description: The port games/xsoldier is installed setuid root without any visible reason except for a high score file. It should logically be setgid games, as the file be chgrp games. >How-To-Repeat: N/A. >Fix: Replace the patch/patch-aa by the following: *** Imakefile.orig Fri Feb 28 10:48:57 1997 --- Imakefile Thu Dec 16 13:58:22 1999 *************** *** 6,63 **** /* ----------------------------------------------------------------------- */ ! /* -------------------- その1 インストール先の設定 ----------------------- */ /* ----------------------------------------------------------------------- */ ! /* インストールディレクトリ */ ! /* 書き込み権限が無いとインストール出来ません.=> 遊べない.(^^; */ ! PIXMAPDIR = /usr/local/games/lib/xsoldier ! SCOREDIR = /usr/local/games/lib/xsoldier ! BINDIR = /usr/local/games ! /* スコアファイル名.SCOREDIR 以下に置かれます. */ SCOREFILE = .scorefile /* ----------------------------------------------------------------------- */ ! /* --------------------- その2 コンパイルの設定 -------------------------- */ /* ----------------------------------------------------------------------- */ ! /* xmkmf の Makefile で cc になっちゃう場合 */ /* CC = gcc */ ! /* xpmがXと異なるディレクトリにインストールされている場合 */ /* XPMINCDIR = /usr/X11R6/include */ /* XPMLIBDIR = /usr/X11R6/lib */ ! /* ココに path を書いて */ /* XPMINCFLAGS = -I$(XPMINCDIR) */ /* XPMLIBFLAGS = -L$(XPMLIBDIR) */ ! /* 上の2つのコメントを解除してください */ ! /* ゲームのウエイト */ WAIT = 35000 ! /* その他コンパイルオプション */ ! /* -DDUPSCORE … 同一人物がハイスコアに複数エントリ出来る */ ! /* -DSYSV … SystemV 系などで random 関数が無い場合, */ ! /* かわりに srand48 と lrand48 関数を使用します */ LOCAL_DEF = ! /* ジョイスティックを使う場合 */ /* #define JOYSTICK */ /* ----------------------------------------------------------------------- */ ! /* ------------------ その3 インストールコマンドの設定 ------------------- */ /* ----------------------------------------------------------------------- */ ! /* Solarisでopenwinを使用してコンパイルするときに必要 */ /* INSTALL = /usr/ucb/install */ /* ----------------------------------------------------------------------- */ /* */ ! /* 基本的にここから下はいぢらなくて済むハズ */ /* */ /* ----------------------------------------------------------------------- */ --- 6,63 ---- /* ----------------------------------------------------------------------- */ ! /* ---------------------- PART1 INSTALL DIRECTORY ------------------------ */ /* ----------------------------------------------------------------------- */ ! /* Install Directory */ ! /* You can't install without write permission of these. => Unplayable. (^^;*/ ! PIXMAPDIR = /usr/X11R6/lib/X11/xsoldier ! SCOREDIR = /usr/X11R6/lib/X11/xsoldier ! BINDIR = /usr/X11R6/bin ! /* Score File Name. It's under SCOREDIR. */ SCOREFILE = .scorefile /* ----------------------------------------------------------------------- */ ! /* ------------------- PART2 COMPILE CONFIGURATION ----------------------- */ /* ----------------------------------------------------------------------- */ ! /* What compiler do you want to use? */ /* CC = gcc */ ! /* If you have xpm not in the X directory. */ /* XPMINCDIR = /usr/X11R6/include */ /* XPMLIBDIR = /usr/X11R6/lib */ ! /* Write path name here and ..... */ /* XPMINCFLAGS = -I$(XPMINCDIR) */ /* XPMLIBFLAGS = -L$(XPMLIBDIR) */ ! /* Uncomment the upper 2 lines. */ ! /* Game Wait */ WAIT = 35000 ! /* The other compile options */ ! /* -DDUPSCORE -> Allow multiple entry in the high score */ ! /* -DSYSV -> Specify when not have random functions(SystemV etc.) */ ! /* Use srand48 and lrand48 instead. */ LOCAL_DEF = ! /* When you use the joystick */ /* #define JOYSTICK */ /* ----------------------------------------------------------------------- */ ! /* ------------------ PART3 INSTALL COMMAND CONFIGURATION ---------------- */ /* ----------------------------------------------------------------------- */ ! /* You need this when you use openwin on Solaris. */ /* INSTALL = /usr/ucb/install */ /* ----------------------------------------------------------------------- */ /* */ ! /* Basically, you don't need change below. */ /* */ /* ----------------------------------------------------------------------- */ *************** *** 95,101 **** install.score:: @if [ -d $(SCOREDIR) ]; then chmod 755 $(SCOREDIR); \ else $(MKDIRHIER) $(SCOREDIR); chmod 755 $(SCOREDIR); fi ! $(INSTALL) -c -m 600 scorefile.txt $(SCOREDIR)/$(SCOREFILE) @echo "install score . done" install.pixmap:: --- 95,101 ---- install.score:: @if [ -d $(SCOREDIR) ]; then chmod 755 $(SCOREDIR); \ else $(MKDIRHIER) $(SCOREDIR); chmod 755 $(SCOREDIR); fi ! $(INSTALL) -c -g games -m 660 scorefile.txt $(SCOREDIR)/$(SCOREFILE) @echo "install score . done" install.pixmap:: *************** *** 109,113 **** install.bin:: @if [ -d $(BINDIR) ]; then set +x; \ else (set -x; $(MKDIRHIER) $(BINDIR)); fi ! $(INSTALL) -c -m 4755 $(PROGRAM) $(BINDIR)/$(PROGRAM) @echo "install bin . done" --- 109,113 ---- install.bin:: @if [ -d $(BINDIR) ]; then set +x; \ else (set -x; $(MKDIRHIER) $(BINDIR)); fi ! $(INSTALL) -c -g games -m 2755 $(PROGRAM) $(BINDIR)/$(PROGRAM) @echo "install bin . done" >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message