Date: Wed, 16 Jan 2002 13:40:46 +0200 From: Ruslan Ermilov <ru@FreeBSD.org> To: Murray Stokely <murray@FreeBSD.org> Cc: freebsd-qa@FreeBSD.org Subject: Re: Changes to man(1) Message-ID: <20020116134046.A77376@sunbay.com> In-Reply-To: <20020115234038.GR6073@windriver.com> References: <20020115234038.GR6073@windriver.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jan 15, 2002 at 03:40:38PM -0800, Murray Stokely wrote:
> The release engineers would really like to see Ruslan's latest
> changes to man(1) in FreeBSD 4.5. This change closes a number of
> potential security holes that could allow privilege escalation.
> Please help us look over the recent commit to -CURRENT before we allow
> this to be MFCed. Here are the relevant commits from Ruslan :
>
I've just found a problem with this in -STABLE. We also need to MFC
the following deltas to bsd.man.mk (only the 1.40 is essential, but
MFCing 1.39 doesn't harm too):
: revision 1.40
: date: 2001/07/12 07:47:39; author: ru; state: Exp; lines: +2 -2
: Always preprocess manpages with tbl(1).
: ----------------------------
: revision 1.39
: date: 2001/05/30 07:02:57; author: ru; state: Exp; lines: +1 -3
: Do not clobber COPY, it may be set differently in /etc/make.conf.
: This is not the problem for NOMANCOMPRESS, as install(1) does not
: delete the originals anymore (-c is the default now).
Otherwise, catpages built as part of buildworld with MANBUILDCAT=YES
are not preprocessed with tbl(1), and we get some bad catpages on the
release media. This is the same assumption as man(1) does -- always
format with tbl(1).
PLEASE NOTE that this problem is not new, and exists even without
MFCing the man(1) changes. It is just expected that more people
will start to use the MANBUILDCAT feature. And yes, release media
of 4.4-RELEASE has some broken catpages.
Index: bsd.man.mk
===================================================================
RCS file: /home/ncvs/src/share/mk/bsd.man.mk,v
retrieving revision 1.31.2.5
diff -u -r1.31.2.5 bsd.man.mk
--- bsd.man.mk 2001/12/20 10:44:03 1.31.2.5
+++ bsd.man.mk 2002/01/16 11:14:25
@@ -53,7 +53,7 @@
CATDIR= ${MANDIR:H:S/$/\/cat/}
CATEXT= .cat
-MROFF_CMD?= groff -Tascii -mtty-char -man
+MROFF_CMD?= groff -Tascii -mtty-char -man -t
MCOMPRESS_CMD?= ${COMPRESS_CMD}
MCOMPRESS_EXT?= ${COMPRESS_EXT}
@@ -73,8 +73,6 @@
all-man:
.if defined(NOMANCOMPRESS)
-
-COPY= -c
# Make special arrangements to filter to a temporary file at build time
# for NOMANCOMPRESS.
Cheers,
--
Ruslan Ermilov Oracle Developer/DBA,
ru@sunbay.com Sunbay Software AG,
ru@FreeBSD.org FreeBSD committer,
+380.652.512.251 Simferopol, Ukraine
http://www.FreeBSD.org The Power To Serve
http://www.oracle.com Enabling The Information Age
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-qa" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020116134046.A77376>