Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 20 Aug 2016 16:39:52 +0000 (UTC)
From:      Baptiste Daroussin <bapt@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r420518 - in head/mail/dma: . files
Message-ID:  <201608201639.u7KGdqa7038223@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: bapt
Date: Sat Aug 20 16:39:51 2016
New Revision: 420518
URL: https://svnweb.freebsd.org/changeset/ports/420518

Log:
  Incorporate a patch from upstream
  
  Affecting DragonFly 4.6 and earlier, Matt Dillon fixed this in base after
  finding out from BSDNow Episode 152. Comments following were from his commit
  which explains better than I. Just taking his change and putting it here as well.
  
  * dma makes an age-old mistake of not properly checking whether a file
    owned by a user is a symlink or not, a bug which the original mail.local
    also had.
  
  * Add O_NOFOLLOW to disallow symlinks.
  
  Thanks-to: BSDNow Episode 152, made me dive dma to check when they talked
             about the mail.local bug.

Added:
  head/mail/dma/files/fix-security-hole.patch   (contents, props changed)
Modified:
  head/mail/dma/Makefile

Modified: head/mail/dma/Makefile
==============================================================================
--- head/mail/dma/Makefile	Sat Aug 20 16:36:16 2016	(r420517)
+++ head/mail/dma/Makefile	Sat Aug 20 16:39:51 2016	(r420518)
@@ -3,6 +3,7 @@
 
 PORTNAME=	dma
 PORTVERSION=	0.11
+PORTREVISION=	1
 DISTVERSIONPREFIX=	v
 PORTEPOCH=	1
 CATEGORIES=	mail ipv6
@@ -31,6 +32,7 @@ MAKE_ENV=	__MAKE_CONF=/dev/null SRCCONF=
 
 USE_RC_SUBR=	dma_flushq
 SUB_FILES=	pkg-message
+EXTRA_PATCHES=	${FILESDIR}/fix-security-hole.patch:-p1
 
 # Allow subports to extend.
 CONFFILES+=	dma.conf auth.conf

Added: head/mail/dma/files/fix-security-hole.patch
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/mail/dma/files/fix-security-hole.patch	Sat Aug 20 16:39:51 2016	(r420518)
@@ -0,0 +1,34 @@
+From f249aa412dd4a09881cb450390d1003815bd0013 Mon Sep 17 00:00:00 2001
+From: Zach Crownover <zachary.crownover@gmail.com>
+Date: Fri, 5 Aug 2016 15:24:27 -0700
+Subject: [PATCH] dma - Fix security hole (#46)
+
+Affecting DragonFly 4.6 and earlier, Matt Dillon fixed this in base after
+finding out from BSDNow Episode 152. Comments following were from his commit
+which explains better than I. Just taking his change and putting it here as well.
+
+* dma makes an age-old mistake of not properly checking whether a file
+  owned by a user is a symlink or not, a bug which the original mail.local
+  also had.
+
+* Add O_NOFOLLOW to disallow symlinks.
+
+Thanks-to: BSDNow Episode 152, made me dive dma to check when they talked
+           about the mail.local bug.
+---
+ dma-mbox-create.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/dma-mbox-create.c b/dma-mbox-create.c
+index 532a7af..45a4792 100644
+--- a/dma-mbox-create.c
++++ b/dma-mbox-create.c
+@@ -142,7 +142,7 @@ main(int argc, char **argv)
+ 		logfail(EX_CANTCREAT, "cannot build mbox path for `%s/%s'", _PATH_MAILDIR, user);
+ 	}
+ 
+-	f = open(fn, O_RDONLY|O_CREAT, 0600);
++	f = open(fn, O_RDONLY|O_CREAT|O_NOFOLLOW, 0600);
+ 	if (f < 0)
+ 		logfail(EX_NOINPUT, "cannt open mbox `%s'", fn);
+ 



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201608201639.u7KGdqa7038223>