From owner-freebsd-ports-bugs@FreeBSD.ORG  Thu Oct 14 16:50:10 2010
Return-Path: <owner-freebsd-ports-bugs@FreeBSD.ORG>
Delivered-To: freebsd-ports-bugs@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 7EA0D1065672
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Thu, 14 Oct 2010 16:50:10 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 4E19B8FC1C
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Thu, 14 Oct 2010 16:50:10 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id o9EGoAwA083810
	for <freebsd-ports-bugs@freefall.freebsd.org>;
	Thu, 14 Oct 2010 16:50:10 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.4/8.14.4/Submit) id o9EGoAwQ083809;
	Thu, 14 Oct 2010 16:50:10 GMT (envelope-from gnats)
Resent-Date: Thu, 14 Oct 2010 16:50:10 GMT
Resent-Message-Id: <201010141650.o9EGoAwQ083809@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-ports-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
	Eric F Crist <ecrist@secure-computing.net>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id CF781106567A
	for <FreeBSD-gnats-submit@freebsd.org>;
	Thu, 14 Oct 2010 16:47:25 +0000 (UTC)
	(envelope-from root@secure-computing.net)
Received: from kenny.secure-computing.net (kenny.secure-computing.net
	[173.8.118.210])
	by mx1.freebsd.org (Postfix) with ESMTP id 6BCE98FC1A
	for <FreeBSD-gnats-submit@freebsd.org>;
	Thu, 14 Oct 2010 16:47:25 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by kenny.secure-computing.net (Postfix) with SMTP id 2FC252E079
	for <FreeBSD-gnats-submit@freebsd.org>;
	Thu, 14 Oct 2010 11:30:31 -0500 (CDT)
Received: from cartman.secure-computing.net (cartman.secure-computing.net
	[173.8.118.211])
	by kenny.secure-computing.net (Postfix) with ESMTP id B1B982E065;
	Thu, 14 Oct 2010 11:30:30 -0500 (CDT)
Received: by cartman.secure-computing.net (Postfix, from userid 0)
	id C429E6D422; Thu, 14 Oct 2010 11:33:00 -0500 (CDT)
Message-Id: <20101014163300.C429E6D422@cartman.secure-computing.net>
Date: Thu, 14 Oct 2010 11:33:00 -0500 (CDT)
From: Eric F Crist <ecrist@secure-computing.net>
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Cc: Josh Paetzel <jpaetzel@FreeBSD.org>
Subject: ports/151456: www/shellinabox: add option to allow core dumps
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Eric F Crist <ecrist@secure-computing.net>
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Oct 2010 16:50:10 -0000


>Number:         151456
>Category:       ports
>Synopsis:       www/shellinabox: add option to allow core dumps
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Thu Oct 14 16:50:09 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator:     Eric F Crist
>Release:        FreeBSD 9.0-CURRENT amd64
>Organization:
Secure Computing Networks & ClaimLynx, Inc
>Environment:
System: FreeBSD cartman.secure-computing.net 9.0-CURRENT FreeBSD 9.0-CURRENT #2: Mon Apr 12 12:46:23 CDT 2010 root@cartman.secure-computing.net:/usr/obj/usr/src/sys/GENERIC amd64

>Description:
	This patch allows for an option which adds the ability to create core dumps.  There is an inherent security
	risk when doing so, as potentially private information (passwords, etc) could be included in the core file.
	
>How-To-Repeat:
>Fix:

--- siab.diff begins here ---
Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/www/shellinabox/Makefile,v
retrieving revision 1.4
diff -u -r1.4 Makefile
--- Makefile	13 Oct 2010 12:50:07 -0000	1.4
+++ Makefile	14 Oct 2010 16:30:28 -0000
@@ -7,7 +7,7 @@
 
 PORTNAME=	shellinabox
 PORTVERSION=	2.10
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	www
 MASTER_SITES=	GOOGLE_CODE
 
@@ -36,6 +36,13 @@
 SUB_FILES=	pkg-deinstall
 SUB_LIST=	USERS=${USERS} GROUPS=${GROUPS}
 
+OPTIONS=	ENABLE_CORES|   "Patch shellinaboxd to enable core dumps." off \
+
+.include <bsd.port.options.mk>
+.if defined(WITH_ENABLE_CORES)
+EXTRA_PATCHES=	${PATCHDIR}/enable-cores.patch
+.endif
+
 do-install:
 	${INSTALL_PROGRAM} ${WRKSRC}/shellinaboxd ${PREFIX}/bin/
 .if !defined(NOPORTDOCS)
--- siab.diff ends here ---

--- enable-cores.patch begins here ---
--- shellinabox/shellinaboxd.c.orig	2009-11-18 10:55:52.000000000 -0600
+++ shellinabox/shellinaboxd.c	2010-10-14 08:31:16.000000000 -0500
@@ -1178,10 +1178,10 @@
 int main(int argc, char * const argv[]) {
 #ifdef HAVE_SYS_PRCTL_H
   // Disable core files
-  prctl(PR_SET_DUMPABLE, 0, 0, 0, 0);
+  // prctl(PR_SET_DUMPABLE, 0, 0, 0, 0);
 #endif
   struct rlimit rl = { 0 };
-  setrlimit(RLIMIT_CORE, &rl);
+  // setrlimit(RLIMIT_CORE, &rl);
   removeLimits();
 
   // Parse command line arguments
--- enable-cores.patch ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted: