mirror of
git://git.savannah.gnu.org/guix.git
synced 2023-12-14 03:33:07 +01:00
2ca55f939c
* gnu/packages/patches/rush-CVE-2013-6889.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/rush.scm (rush): Use it.
24 lines
664 B
Diff
24 lines
664 B
Diff
commit 00bdccd429517f12dbf37ab4397ddec3e51a2738
|
|
Author: Mats Erik Andersson <gnu@gisladisker.se>
|
|
Date: Mon Jan 20 13:33:52 2014 +0200
|
|
|
|
Protect against CVE-2013-6889 (tiny change).
|
|
|
|
Reset the effective user identification in testing mode.
|
|
|
|
diff --git a/src/rush.c b/src/rush.c
|
|
index 45d737a..dc6518e 100644
|
|
--- a/src/rush.c
|
|
+++ b/src/rush.c
|
|
@@ -980,6 +980,10 @@ main(int argc, char **argv)
|
|
} else if (argc > optind)
|
|
die(usage_error, NULL, _("invalid command line"));
|
|
|
|
+ /* Relinquish root privileges in test mode */
|
|
+ if (lint_option)
|
|
+ setuid(getuid());
|
|
+
|
|
if (test_user_name) {
|
|
struct passwd *pw = getpwnam(test_user_name);
|
|
if (!pw)
|