From owner-freebsd-ports-bugs@FreeBSD.ORG Thu Nov 18 09:10:10 2010 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 31C671065694 for ; Thu, 18 Nov 2010 09:10:10 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id E230F8FC16 for ; Thu, 18 Nov 2010 09:10:09 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id oAI9A99i054812 for ; Thu, 18 Nov 2010 09:10:09 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id oAI9A9Av054811; Thu, 18 Nov 2010 09:10:09 GMT (envelope-from gnats) Resent-Date: Thu, 18 Nov 2010 09:10:09 GMT Resent-Message-Id: <201011180910.oAI9A9Av054811@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Sunpoet Po-Chuan Hsieh Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AA2D3106566C for ; Thu, 18 Nov 2010 09:03:21 +0000 (UTC) (envelope-from sunpoet@sunpoet.net) Received: from mail-iw0-f182.google.com (mail-iw0-f182.google.com [209.85.214.182]) by mx1.freebsd.org (Postfix) with ESMTP id 6D0CD8FC13 for ; Thu, 18 Nov 2010 09:03:21 +0000 (UTC) Received: by iwn39 with SMTP id 39so3413535iwn.13 for ; Thu, 18 Nov 2010 01:03:20 -0800 (PST) Received: by 10.231.10.199 with SMTP id q7mr426993ibq.25.1290070999150; Thu, 18 Nov 2010 01:03:19 -0800 (PST) Received: from sunpoet.net (sunpoet.net [220.133.12.240]) by mx.google.com with ESMTPS id gy41sm194293ibb.11.2010.11.18.01.03.17 (version=TLSv1/SSLv3 cipher=RC4-MD5); Thu, 18 Nov 2010 01:03:18 -0800 (PST) Received: by sunpoet.net (Postfix, from userid 1000) id 5929E2AEC870; Thu, 18 Nov 2010 17:03:04 +0800 (CST) Message-Id: <20101118090304.5929E2AEC870@sunpoet.net> Date: Thu, 18 Nov 2010 17:03:04 +0800 (CST) From: Sunpoet Po-Chuan Hsieh Sender: Sunpoet Hsieh To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: kuriyama@FreeBSD.org Subject: ports/152359: [PATCH] security/gnupg: set setuid bit on bin/gpg2 when WITH_SUID_GPG is set X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Nov 2010 09:10:10 -0000 >Number: 152359 >Category: ports >Synopsis: [PATCH] security/gnupg: set setuid bit on bin/gpg2 when WITH_SUID_GPG is set >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu Nov 18 09:10:09 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Sunpoet Po-Chuan Hsieh >Release: FreeBSD 8.1-STABLE amd64 >Organization: The FreeBSD Project >Environment: System: FreeBSD bonjour.sunpoet.net 8.1-STABLE FreeBSD 8.1-STABLE #0: Sat Oct 23 16:01:16 CST 2010 >Description: - Set setuid bit on bin/gpg2 instead of bin/gpg when WITH_SUID_GPG is set Therefore, users may run gpg2 with setuid enabled e.g. make verify Port maintainer (kuriyama@FreeBSD.org) is cc'd. Generated with FreeBSD Port Tools 0.99 >How-To-Repeat: >Fix: --- gnupg-2.0.16_2.patch begins here --- Index: Makefile =================================================================== RCS file: /home/ncvs/ports/security/gnupg/Makefile,v retrieving revision 1.131 diff -u -u -r1.131 Makefile --- Makefile 27 Jul 2010 01:25:17 -0000 1.131 +++ Makefile 18 Nov 2010 08:41:04 -0000 @@ -129,7 +129,7 @@ post-install: PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL .if defined(WITH_SUID_GPG) - ${CHMOD} u+s ${PREFIX}/bin/gpg + ${CHMOD} u+s ${PREFIX}/bin/gpg2 .endif @${CAT} ${PKGMESSAGE} Index: distinfo =================================================================== RCS file: /home/ncvs/ports/security/gnupg/distinfo,v retrieving revision 1.52 diff -u -u -r1.52 distinfo --- distinfo 20 Jul 2010 14:01:50 -0000 1.52 +++ distinfo 18 Nov 2010 08:41:04 -0000 @@ -1,6 +1,4 @@ -MD5 (gnupg-2.0.16.tar.bz2) = 88a4d46deca63d2eca29b2b611304afb SHA256 (gnupg-2.0.16.tar.bz2) = 0d5abb977c02ebb0f6ce25a5ba71c8df90835aa666a85acd73a9b7f9df35a80b SIZE (gnupg-2.0.16.tar.bz2) = 4004033 -MD5 (gnupg-2.0.16.tar.bz2.sig) = 1c6b0b9b04c06deb5ec4bd8c959e25b0 SHA256 (gnupg-2.0.16.tar.bz2.sig) = a72156a1a231e4380225aa4c81f515ce66b787a19996f7f7d84315631be8df43 SIZE (gnupg-2.0.16.tar.bz2.sig) = 158 --- gnupg-2.0.16_2.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted: