Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/app-emulation/virtualbox-ose/files/virtualbox-ose-fix-insecure-lockfiles.patch
diff options
context:
space:
mode:
Diffstat (limited to 'app-emulation/virtualbox-ose/files/virtualbox-ose-fix-insecure-lockfiles.patch')
-rw-r--r--app-emulation/virtualbox-ose/files/virtualbox-ose-fix-insecure-lockfiles.patch94
1 files changed, 0 insertions, 94 deletions
diff --git a/app-emulation/virtualbox-ose/files/virtualbox-ose-fix-insecure-lockfiles.patch b/app-emulation/virtualbox-ose/files/virtualbox-ose-fix-insecure-lockfiles.patch
deleted file mode 100644
index 0df6290..0000000
--- a/app-emulation/virtualbox-ose/files/virtualbox-ose-fix-insecure-lockfiles.patch
+++ /dev/null
@@ -1,94 +0,0 @@
---- src/libs/xpcom18a4/ipc/ipcd/daemon/src/ipcdUnix.cpp.orig 2008-11-09 19:48:22.000000000 +0100
-+++ src/libs/xpcom18a4/ipc/ipcd/daemon/src/ipcdUnix.cpp 2008-11-09 19:51:54.000000000 +0100
-@@ -93,7 +93,7 @@
- EOk = 0,
- ELockFileOpen = -1,
- ELockFileLock = -2,
--
-+ ELockFileOwner = -3,
- };
-
- static int ipcLockFD = 0;
-@@ -112,16 +112,70 @@
- lockFile[dirLen] = '/';
- memcpy(lockFile + dirLen + 1, lockName, sizeof(lockName));
-
-+#ifdef VBOX
-+ //
-+ // Security checks for the directory
-+ //
-+ struct stat st;
-+ if (stat(baseDir, &st) == -1)
-+ {
-+ printf("Cannot stat '%s'.\n", baseDir);
-+ return ELockFileOwner;
-+ }
-+
-+ if (st.st_uid != getuid() && st.st_uid != geteuid())
-+ {
-+ printf("Wrong owner (%d) of '%s'.\n", st.st_uid, baseDir);
-+ return ELockFileOwner;
-+ }
-+
-+ if (st.st_mode != (S_IRUSR | S_IWUSR | S_IXUSR | S_IFDIR))
-+ {
-+ printf("Wrong mode (%o) of '%s'.\n", st.st_mode, baseDir);
-+ return ELockFileOwner;
-+ }
-+#endif
-+
- //
- // open lock file. it remains open until we shutdown.
- //
- ipcLockFD = open(lockFile, O_WRONLY|O_CREAT, S_IWUSR|S_IRUSR);
-
-+#ifndef VBOX
- free(lockFile);
-+#endif
-
- if (ipcLockFD == -1)
- return ELockFileOpen;
-
-+#ifdef VBOX
-+ //
-+ // Security checks for the lock file
-+ //
-+ if (fstat(ipcLockFD, &st) == -1)
-+ {
-+ printf("Cannot stat '%s'.\n", lockFile);
-+ free(lockFile);
-+ return ELockFileOwner;
-+ }
-+
-+ if (st.st_uid != getuid() && st.st_uid != geteuid())
-+ {
-+ printf("Wrong owner (%d) of '%s'.\n", st.st_uid, lockFile);
-+ free(lockFile);
-+ return ELockFileOwner;
-+ }
-+
-+ if (st.st_mode != (S_IRUSR | S_IWUSR | S_IFREG))
-+ {
-+ printf("Wrong mode (%o) of '%s'.\n", st.st_mode, lockFile);
-+ free(lockFile);
-+ return ELockFileOwner;
-+ }
-+
-+ free(lockFile);
-+#endif
-+
- //
- // we use fcntl for locking. assumption: filesystem should be local.
- // this API is nice because the lock will be automatically released
-@@ -433,8 +487,9 @@
- // don't notify the parent to cause it to fail in PR_Read() after
- // we terminate
- #ifdef VBOX
-- printf("Cannot create a lock file for '%s'.\n"
-- "Check permissions.\n", addr.local.path);
-+ if (status != ELockFileOwner)
-+ printf("Cannot create a lock file for '%s'.\n"
-+ "Check permissions.\n", addr.local.path);
- #endif
- return 0;
- }