diff options
author | Patrick Lauer <patrick@gentoo.org> | 2009-09-18 14:37:31 +0000 |
---|---|---|
committer | Patrick Lauer <patrick@gentoo.org> | 2009-09-18 14:37:31 +0000 |
commit | 77c9fdf25a048054e83ff82f6db88bcff882bc2f (patch) | |
tree | 8551185b69caddc7a9c51e1f3bc60c8d239b8bcf /net-mail | |
parent | remove old openvas-libraries ebuilds (diff) | |
download | gentoo-2-77c9fdf25a048054e83ff82f6db88bcff882bc2f.tar.gz gentoo-2-77c9fdf25a048054e83ff82f6db88bcff882bc2f.tar.bz2 gentoo-2-77c9fdf25a048054e83ff82f6db88bcff882bc2f.zip |
Improving suid behaviour, fixes #285108. Thanks to kiorky for the patch.
(Portage version: 2.2_rc40/cvs/Linux x86_64)
Diffstat (limited to 'net-mail')
-rw-r--r-- | net-mail/dovecot/ChangeLog | 5 | ||||
-rw-r--r-- | net-mail/dovecot/dovecot-1.2.4.ebuild | 16 |
2 files changed, 18 insertions, 3 deletions
diff --git a/net-mail/dovecot/ChangeLog b/net-mail/dovecot/ChangeLog index 62fe85de1b21..7237a32dfaca 100644 --- a/net-mail/dovecot/ChangeLog +++ b/net-mail/dovecot/ChangeLog @@ -1,6 +1,9 @@ # ChangeLog for net-mail/dovecot # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-mail/dovecot/ChangeLog,v 1.208 2009/09/11 18:37:18 patrick Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-mail/dovecot/ChangeLog,v 1.209 2009/09/18 14:37:31 patrick Exp $ + + 18 Sep 2009; Patrick Lauer <patrick@gentoo.org> dovecot-1.2.4.ebuild: + Improving suid behaviour, fixes #285108. Thanks to kiorky for the patch. 11 Sep 2009; Patrick Lauer <patrick@gentoo.org> dovecot-1.2.4.ebuild: Fix useflag interdependency, closes #284622 diff --git a/net-mail/dovecot/dovecot-1.2.4.ebuild b/net-mail/dovecot/dovecot-1.2.4.ebuild index 6bf28d4bef70..bc7621d3827d 100644 --- a/net-mail/dovecot/dovecot-1.2.4.ebuild +++ b/net-mail/dovecot/dovecot-1.2.4.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2009 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-mail/dovecot/dovecot-1.2.4.ebuild,v 1.3 2009/09/11 18:37:18 patrick Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-mail/dovecot/dovecot-1.2.4.ebuild,v 1.4 2009/09/18 14:37:31 patrick Exp $ EAPI="2" @@ -52,6 +52,10 @@ pkg_setup() { # Add user and group for login process (same as for fedora/redhat) enewgroup dovecot 97 enewuser dovecot 97 -1 /dev/null dovecot + # add "mail" group for suid'ing. Better security isolation. + if use suid; then + enewgroup mail + fi } src_prepare() { @@ -125,7 +129,15 @@ src_compile() { src_install () { emake DESTDIR="${D}" install || die "make install failed" - use suid && fperms u+s /usr/libexec/dovecot/deliver + # insecure: + #use suid && fperms u+s /usr/libexec/dovecot/deliver + #better: + if use suid;then + einfo "Changing perms to allow deliver to be suided" + fowners root:mail /usr/libexec/dovecot/deliver + fperms 4750 /usr/libexec/dovecot/deliver + fi + rm -f "${D}"/etc/dovecot/dovecot-{ldap,sql}-example.conf |