From owner-freebsd-ports-bugs@FreeBSD.ORG  Mon Sep  8 17:00:25 2003
Return-Path: <owner-freebsd-ports-bugs@FreeBSD.ORG>
Delivered-To: freebsd-ports-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B826616A4BF
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Mon,  8 Sep 2003 17:00:25 -0700 (PDT)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1651E43F3F
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Mon,  8 Sep 2003 17:00:24 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h8900MUp032316
	for <freebsd-ports-bugs@freefall.freebsd.org>;
	Mon, 8 Sep 2003 17:00:22 -0700 (PDT)
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h8900MsR032315;
	Mon, 8 Sep 2003 17:00:22 -0700 (PDT)
Resent-Date: Mon, 8 Sep 2003 17:00:22 -0700 (PDT)
Resent-Message-Id: <200309090000.h8900MsR032315@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-ports-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
	Cyrille Lefevre <cyrille.lefevre@laposte.net>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9508A16A4BF
	for <FreeBSD-gnats-submit@freebsd.org>;
	Mon,  8 Sep 2003 16:58:38 -0700 (PDT)
Received: from ioskeha.hittite.isp.9tel.net (ioskeha.hittite.isp.9tel.net
	[62.62.156.27])	by mx1.FreeBSD.org (Postfix) with ESMTP id 07D1F43F3F
	for <FreeBSD-gnats-submit@freebsd.org>;
	Mon,  8 Sep 2003 16:58:36 -0700 (PDT)
	(envelope-from cyrille.lefevre@laposte.net)
Received: from mail.gits.dyndns.org (unknown [81.185.59.231])
	by ioskeha.hittite.isp.9tel.net (Postfix) with ESMTP id 268D417B454
	for <FreeBSD-gnats-submit@freebsd.org>;
	Tue,  9 Sep 2003 01:58:33 +0200 (CEST)
Received: from gits.gits.fr.invalid (monk66nukuddrsbd@localhost [127.0.0.1])
	by mail.gits.dyndns.org (8.12.9/8.12.9) with ESMTP id h88Nueb7011082
	for <FreeBSD-gnats-submit@freebsd.org>;
	Tue, 9 Sep 2003 01:56:40 +0200 (CEST)
	(envelope-from cyrille.lefevre@laposte.net)
Received: by gits.gits.fr.invalid (tmda-inject, from uid 0);
	Tue, 09 Sep 2003 01:56:39 +0200
Message-Id: <20030908235613.GA25464@gits.dyndns.org>
Date: Tue, 9 Sep 2003 01:56:15 +0200
From: Cyrille Lefevre <cyrille.lefevre@laposte.net>
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
cc: cyrill@econ.krasnoyarsk.su
Subject: ports/56614: Maintainer update: security/op (1.11) -- security fix
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Cyrille Lefevre <cyrille.lefevre@laposte.net>
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>,
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>,
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Sep 2003 00:00:25 -0000


>Number:         56614
>Category:       ports
>Synopsis:       Maintainer update: security/op (1.11) -- security fix
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Mon Sep 08 17:00:22 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator:     Cyrille Lefevre
>Release:        FreeBSD 5.1-BETA i386
>Organization:
ACME
>Environment:
System: FreeBSD gits 5.1-BETA FreeBSD 5.1-BETA #1: Sat May 31 04:26:14 CEST 2003 root@gits:/disk3/freebsd/current/obj/disk3/freebsd/current/src/sys/CUSTOM i386
>Description:
	Makefile
		PORTREVISION bumped
		PLIST_SUB added (CONF_DIR)
		NOPORTSDOC -> NOPORTDOCS
	pkg-plist
		etc -> %%CONF_DIR%%
		share/doc/op -> %%DOCSDIR%%
	files/patch-main.c
		setuid misplaced (security fix)
		thx to cyrill@econ.krasnoyarsk.su for submitting this patch.
>How-To-Repeat:
	n/a
>Fix:
	take care, this patch is in two parts,
	the first one is a diff against /dev/null
	and the second one a cvs diff.

--- /dev/null	Tue Sep  9 01:35:58 2003
+++ files/patch-main.c	Tue Sep  9 01:29:45 2003
@@ -0,0 +1,53 @@
+--- main.c.orig	Tue Sep  9 01:24:31 2003
++++ main.c	Tue Sep  9 01:29:26 2003
+@@ -448,29 +448,17 @@
+ 	char		*cp, *np;
+ 	struct passwd	*pw;
+ 	struct group	*gr;
+-	int		ngroups, gidset[256];
++	int		ngroups = 0, gidset[256];
+ 	int		curenv = 0, curarg = 0;
+ 	char		*new_envp[MAXENV];
+ 	char		*new_argv[MAXARG];
+ 	char		str[MAXSTRLEN], buf[4*MAXSTRLEN];
+ 
+-	if ((cp = FindOpt(cmd, "uid")) == NULL) {
+-		if (setuid(0) < 0)
+-			fatal("Unable to set uid to default", cp);
+-	} else {
+-		if ((pw = getpwnam(cp)) == NULL) {
+-			if (setuid(atoi(cp)) < 0)
+-				fatal("Unable to set uid to %s", cp);
+-		}
+-		if (setuid(pw->pw_uid) < 0)
+-			fatal("Unable to set uid to %s", cp);
+-	}
+-
+ 	if ((cp = FindOpt(cmd, "gid")) == NULL) {
+ 		;		/* don't have a default */
+ 	} else {
+ 		for (cp=GetField(cp, str); cp!=NULL; cp=GetField(cp, str)) {
+-			if ((gr = getgrnam(cp)) != NULL)
++			if ((gr = getgrnam(str)) != NULL)
+ 				gidset[ngroups++] = gr->gr_gid;
+ 		}
+ 		if (ngroups == 0) 
+@@ -533,6 +521,18 @@
+ 			new_envp[curenv++] = environ[i];
+ 	}
+ 	new_envp[curenv] = NULL;
++
++	if ((cp = FindOpt(cmd, "uid")) == NULL) {
++		if (setuid(0) < 0)
++			fatal("Unable to set uid to default", cp);
++	} else {
++		if ((pw = getpwnam(cp)) == NULL) {
++			if (setuid(atoi(cp)) < 0)
++				fatal("Unable to set uid to %s", cp);
++		}
++		if (setuid(pw->pw_uid) < 0)
++			fatal("Unable to set uid to %s", cp);
++	}
+ 
+ 	if (strcmp("MAGIC_SHELL", cmd->args[0]) == 0) {
+ 		for (i = 0; environ[i] != NULL; i++) 

Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/security/op/Makefile,v
retrieving revision 1.9
diff -u -I$Id.*$ -I$.+BSD.*$ -r1.9 Makefile
--- Makefile	21 Feb 2003 13:26:48 -0000	1.9
+++ Makefile	8 Sep 2003 23:34:23 -0000
@@ -7,6 +7,7 @@
 
 PORTNAME=	op
 PORTVERSION=	1.11
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	ftp://ftp.cerias.purdue.edu/pub/tools/%SUBDIR%/ \
 		ftp://ftp.rge.com/pub/security/cerias/tools/%SUBDIR%/ \
@@ -29,6 +30,8 @@
 		MANOWN=${MANOWN} MANGRP=${MANGRP} MANMODE=${MANMODE}
 ALL_TARGET=	${PORTNAME}
 
+PLIST_SUB=	CONF_DIR="${CONF_DIR:S,^${PREFIX}/,,}"
+
 MAN8=		op.8
 
 PKGDEINSTALL=	${PKGINSTALL}
@@ -82,7 +85,7 @@
 		${PKGINSTALL} ${PKGNAME} POST-INSTALL
 
 install-doc-files:
-.if !defined(NOPORTSDOC)
+.if !defined(NOPORTDOCS)
 	@${MKDIR} ${DOCSDIR}
 .for file in ${DOC_FILES}
 	@${INSTALL_DATA} ${WRKSRC}/${file} ${DOCSDIR}/${file}
Index: pkg-plist
===================================================================
RCS file: /home/ncvs/ports/security/op/pkg-plist,v
retrieving revision 1.3
diff -u -I$Id.*$ -I$.+BSD.*$ -r1.3 pkg-plist
--- pkg-plist	21 Aug 2001 15:29:13 -0000	1.3
+++ pkg-plist	30 Jul 2003 20:53:30 -0000
@@ -1,6 +1,6 @@
-@comment $FreeBSD: ports/security/op/pkg-plist,v 1.2 2001/04/10 10:52:20 lioux Exp $
+@comment $FreeBSD: ports/security/op/pkg-plist,v 1.3 2001/08/21 15:29:13 brian Exp $
 bin/op
-etc/op.access.sample
-%%PORTDOCS%%share/doc/op/README
-%%PORTDOCS%%share/doc/op/op.paper
-%%PORTDOCS%%@dirrm share/doc/op
+%%CONF_DIR%%/op.access.sample
+%%PORTDOCS%%%%DOCSDIR%%/README
+%%PORTDOCS%%%%DOCSDIR%%/op.paper
+%%PORTDOCS%%@dirrm %%DOCSDIR%%
>Release-Note:
>Audit-Trail:
>Unformatted: