rpms/tmux/EL-5 tmux-1.0-02_fix_wrong_location.diff, NONE, 1.1 tmux-1.0-03_proper_socket_handling.diff, NONE, 1.1 tmux-1.0-04_dropping_unnecessary_privileges.diff, NONE, 1.1 tmux-1.0-06_hardening_write_return.diff, NONE, 1.1 sources, 1.1, 1.2
Sven Lankes
slankes at fedoraproject.org
Fri Nov 13 23:07:28 UTC 2009
Author: slankes
Update of /cvs/pkgs/rpms/tmux/EL-5
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv6335
Modified Files:
sources
Added Files:
tmux-1.0-02_fix_wrong_location.diff
tmux-1.0-03_proper_socket_handling.diff
tmux-1.0-04_dropping_unnecessary_privileges.diff
tmux-1.0-06_hardening_write_return.diff
Log Message:
* Mon Nov 09 2009 Sven Lankes <sven at lank.es> 1.1-1
- New upstream release
tmux-1.0-02_fix_wrong_location.diff:
GNUmakefile | 8 ++++----
Makefile | 8 ++++----
2 files changed, 8 insertions(+), 8 deletions(-)
--- NEW FILE tmux-1.0-02_fix_wrong_location.diff ---
diff --git a/GNUmakefile b/GNUmakefile
index f8f1911..5e7b6f3 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -23,7 +23,7 @@ VERSION= 1.1
CC?= cc
CFLAGS+= -DBUILD="\"$(VERSION)\""
-LDFLAGS+= -L/usr/local/lib
+LDFLAGS+= -L/usr/lib
LIBS+=
# Sun CC
@@ -51,7 +51,7 @@ CFLAGS+= -Wno-pointer-sign
endif
endif
-PREFIX?= /usr/local
+PREFIX?= /usr
INSTALLDIR= install -d
INSTALLBIN= install -g bin -o root -m 555
INSTALLMAN= install -g bin -o root -m 444
@@ -80,7 +80,7 @@ clean-all: clean clean-depend
install: all
$(INSTALLDIR) $(DESTDIR)$(PREFIX)/bin
$(INSTALLBIN) tmux $(DESTDIR)$(PREFIX)/bin/tmux
- $(INSTALLDIR) $(DESTDIR)$(PREFIX)/man/man1
- $(INSTALLMAN) tmux.1 $(DESTDIR)$(PREFIX)/man/man1/tmux.1
+ $(INSTALLDIR) $(DESTDIR)$(PREFIX)/share/man/man1
+ $(INSTALLMAN) tmux.1 $(DESTDIR)$(PREFIX)/share/man/man1/tmux.1
-include .depend
diff --git a/Makefile b/Makefile
index f713677..c5b1ece 100644
--- a/Makefile
+++ b/Makefile
@@ -24,7 +24,7 @@ VERSION= 1.1
CC?= cc
CFLAGS+= -DBUILD="\"$(VERSION)\""
-LDFLAGS+= -L/usr/local/lib
+LDFLAGS+= -L/usr/lib
LIBS+=
.ifdef FDEBUG
@@ -47,7 +47,7 @@ CFLAGS+= -Wno-pointer-sign
.endif
.endif
-PREFIX?= /usr/local
+PREFIX?= /usr
INSTALLDIR= install -d
INSTALLBIN= install -g bin -o root -m 555
INSTALLMAN= install -g bin -o root -m 444
@@ -79,5 +79,5 @@ clean-all: clean clean-depend
install: all
${INSTALLDIR} ${DESTDIR}${PREFIX}/bin
${INSTALLBIN} tmux ${DESTDIR}${PREFIX}/bin/
- ${INSTALLDIR} ${DESTDIR}${PREFIX}/man/man1
- ${INSTALLMAN} tmux.1 ${DESTDIR}${PREFIX}/man/man1/
+ ${INSTALLDIR} ${DESTDIR}${PREFIX}/share/man/man1
+ ${INSTALLMAN} tmux.1 ${DESTDIR}${PREFIX}/share/man/man1/
tmux-1.0-03_proper_socket_handling.diff:
GNUmakefile | 2 +-
Makefile | 2 +-
compat.h | 1 +
tmux.c | 2 +-
4 files changed, 4 insertions(+), 3 deletions(-)
--- NEW FILE tmux-1.0-03_proper_socket_handling.diff ---
diff --git a/GNUmakefile b/GNUmakefile
index 5e7b6f3..c11120e 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -53,7 +53,7 @@ endif
PREFIX?= /usr
INSTALLDIR= install -d
-INSTALLBIN= install -g bin -o root -m 555
+INSTALLBIN= install -g tmux -o root -m 2755
INSTALLMAN= install -g bin -o root -m 444
SRCS= $(shell echo *.c|sed 's|osdep-[a-z0-9]*.c||g')
diff --git a/Makefile b/Makefile
index c5b1ece..9cb822a 100644
--- a/Makefile
+++ b/Makefile
@@ -49,7 +49,7 @@ CFLAGS+= -Wno-pointer-sign
PREFIX?= /usr
INSTALLDIR= install -d
-INSTALLBIN= install -g bin -o root -m 555
+INSTALLBIN= install -g tmux -o root -m 2755
INSTALLMAN= install -g bin -o root -m 444
SRCS!= echo *.c|sed 's|osdep-[a-z0-9]*.c||g'
diff --git a/compat.h b/compat.h
index 68fde0a..d63e7d3 100644
--- a/compat.h
+++ b/compat.h
@@ -26,6 +26,7 @@ typedef uint64_t u_int64_t;
#ifndef HAVE_PATHS_H
#define _PATH_BSHELL "/bin/sh"
#define _PATH_TMP "/tmp/"
+#define _PATH_VARRUN "/var/run/"
#define _PATH_DEVNULL "/dev/null"
#define _PATH_TTY "/dev/tty"
#define _PATH_DEV "/dev/"
diff --git a/tmux.c b/tmux.c
index b590ec1..8c07180 100644
--- a/tmux.c
+++ b/tmux.c
@@ -264,7 +264,7 @@ makesockpath(const char *label)
u_int uid;
uid = getuid();
- xsnprintf(base, MAXPATHLEN, "%s/tmux-%d", _PATH_TMP, uid);
+ xsnprintf(base, MAXPATHLEN, "%s/%s/%s-%d", _PATH_VARRUN, __progname, __progname, uid);
if (mkdir(base, S_IRWXU) != 0 && errno != EEXIST)
return (NULL);
tmux-1.0-04_dropping_unnecessary_privileges.diff:
tmux.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
--- NEW FILE tmux-1.0-04_dropping_unnecessary_privileges.diff ---
# using setresgid() for safely dropping utmp group membership.
--- a/tmux.c
+++ b/tmux.c
@@ -236,9 +236,11 @@
{
char base[MAXPATHLEN], *path;
struct stat sb;
- u_int uid;
+ u_int uid,gid;
uid = getuid();
+ gid = getgid();
+
xsnprintf(base, MAXPATHLEN, "%s/%s/%s-%d", _PATH_VARRUN, __progname, __progname, uid);
if (mkdir(base, S_IRWXU) != 0 && errno != EEXIST)
@@ -254,6 +256,9 @@
errno = EACCES;
return (NULL);
}
+ /* drop unnecessary privileges */
+ if (setresgid(gid, gid, gid) != 0)
+ return (NULL);
xasprintf(&path, "%s/%s", base, label);
return (path);
tmux-1.0-06_hardening_write_return.diff:
tty.c | 14 ++++++++++----
window.c | 4 +++-
2 files changed, 13 insertions(+), 5 deletions(-)
--- NEW FILE tmux-1.0-06_hardening_write_return.diff ---
diff --git a/tty.c b/tty.c
index 9d30ed9..2535bf3 100644
--- a/tty.c
+++ b/tty.c
@@ -283,7 +283,8 @@ tty_free(struct tty *tty)
void
tty_raw(struct tty *tty, const char *s)
{
- write(tty->fd, s, strlen(s));
+ if (write(tty->fd, s, strlen(s)) == -1)
+ fatal("write failed");
}
void
@@ -316,7 +317,9 @@ tty_puts(struct tty *tty, const char *s)
buffer_write(tty->out, s, strlen(s));
if (tty->log_fd != -1)
- write(tty->log_fd, s, strlen(s));
+ if (write(tty->log_fd, s, strlen(s)) == -1)
+ fatal("write failed");
+
}
void
@@ -342,7 +345,8 @@ tty_putc(struct tty *tty, u_char ch)
}
if (tty->log_fd != -1)
- write(tty->log_fd, &ch, 1);
+ if (write(tty->log_fd, &ch, 1) == -1)
+ fatal("write failed");
}
void
@@ -355,7 +359,9 @@ tty_pututf8(struct tty *tty, const struct grid_utf8 *gu)
break;
buffer_write8(tty->out, gu->data[i]);
if (tty->log_fd != -1)
- write(tty->log_fd, &gu->data[i], 1);
+ if (write(tty->log_fd, &gu->data[i], 1) == -1)
+ fatal("write failed");
+
}
tty->cx += gu->width;
diff --git a/window.c b/window.c
index f4be17d..318d2e9 100644
--- a/window.c
+++ b/window.c
@@ -516,7 +516,9 @@ window_pane_spawn(struct window_pane *wp, const char *cmd, const char *shell,
return (-1);
case 0:
if (chdir(wp->cwd) != 0)
- chdir("/");
+ if (chdir("/") <0)
+ fatal("chdir failed");
+
if (tcgetattr(STDIN_FILENO, &tio2) != 0)
fatal("tcgetattr failed");
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/tmux/EL-5/sources,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- sources 31 Oct 2009 23:41:30 -0000 1.1
+++ sources 13 Nov 2009 23:07:27 -0000 1.2
@@ -0,0 +1 @@
+faf2fc52ac3ae63d899f6fece2c112cd tmux-1.1.tar.gz
More information about the scm-commits
mailing list