aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorUlrich Müller <ulm@gentoo.org>2015-02-21 02:07:26 +0100
committerUlrich Müller <ulm@gentoo.org>2015-02-21 02:07:26 +0100
commit425820b6aee3bf5d94b72d3811d1e601d1fa4c50 (patch)
tree42c4eb9da1d905685f337949691d5531cd144e6c
parentBackport support for update-game-score to run sgid instead of suid. (diff)
downloademacs-patches-emacs-23.4-patches-16.tar.gz
emacs-patches-emacs-23.4-patches-16.tar.bz2
emacs-patches-emacs-23.4-patches-16.zip
Update games-sgid patch for version 23.4 and 24.4.emacs-24.4-patches-4emacs-23.4-patches-16
-rw-r--r--emacs/23.4/23_all_games-sgid.patch57
-rw-r--r--emacs/24.4/04_all_games-sgid.patch57
2 files changed, 90 insertions, 24 deletions
diff --git a/emacs/23.4/23_all_games-sgid.patch b/emacs/23.4/23_all_games-sgid.patch
index c69d089..812ab4c 100644
--- a/emacs/23.4/23_all_games-sgid.patch
+++ b/emacs/23.4/23_all_games-sgid.patch
@@ -1,6 +1,12 @@
Backport support for update-game-score to run sgid instead of suid.
This comprises parts of the following commits from upstream git:
+commit dbde138155118344b33dfd2db95f688a24a42fec
+Author: Ulrich Müller <ulm@gentoo.org>
+Date: Sun Feb 8 21:00:49 2015 +0100
+
+ configure --with-gameuser now defaults to games group.
+
commit 74ab488ff2e57f31eb5290266f0f3b1995ebf83e
Author: Paul Eggert <eggert@cs.ucla.edu>
Date: Thu Jan 22 00:39:30 2015 -0800
@@ -30,7 +36,7 @@ Date: Fri Jan 16 09:25:25 2015 +0100
dnl OPTION_DEFAULT_OFF(NAME, HELP-STRING)
dnl Create a new --with option that defaults to being disabled.
dnl NAME is the base name of the option. The shell variable with_NAME
-@@ -176,10 +174,25 @@
+@@ -176,10 +174,20 @@
CRT_DIR="${with_crt_dir}"
AC_ARG_WITH(gameuser,dnl
@@ -43,24 +49,19 @@ Date: Fri Jan 16 09:25:25 2015 +0100
+ An argument prefixed by ':' specifies a group instead.])])
+gameuser=
+gamegroup=
++# We don't test if we can actually chown/chgrp here, because configure
++# may run without root privileges. lib-src/Makefile.in will handle
++# any errors due to missing user/group gracefully.
+case ${with_gameuser} in
+ no) ;;
-+ "" | yes)
-+ AC_MSG_CHECKING([whether a 'games' user exists])
-+ if id -u games >/dev/null 2>&1; then
-+ AC_MSG_RESULT([yes])
-+ gameuser=games
-+ else
-+ AC_MSG_RESULT([no])
-+ fi
-+ ;;
++ "" | yes) gamegroup=games ;;
+ :*) gamegroup=`echo "${with_gameuser}" | sed -e "s/://"` ;;
+ *) gameuser=${with_gameuser} ;;
+esac
AC_ARG_WITH([gnustep-conf],dnl
[AS_HELP_STRING([--with-gnustep-conf=PATH],[path to GNUstep.conf; default $GNUSTEP_CONFIG_FILE, or /etc/GNUstep/GNUstep.conf])])
-@@ -2708,6 +2721,7 @@
+@@ -2708,6 +2716,7 @@
AC_SUBST(bitmapdir)
AC_SUBST(gamedir)
AC_SUBST(gameuser)
@@ -213,6 +214,38 @@ Date: Fri Jan 16 09:25:25 2015 +0100
}
--- emacs-23.4-orig/lisp/play/gamegrid.el
+++ emacs-23.4/lisp/play/gamegrid.el
+@@ -466,22 +466,22 @@
+ ;; `gamegrid-add-score' was supposed to be used in the past and
+ ;; is covered here for backward-compatibility.
+ ;;
+-;; 2. The helper program "update-game-score" is setuid and the
+-;; file FILE does already exist in a system wide shared game
+-;; directory. This should be the normal case on POSIX systems,
+-;; if the game was installed system wide. Use
++;; 2. The helper program "update-game-score" is setgid or setuid
++;; and the file FILE does already exist in a system wide shared
++;; game directory. This should be the normal case on POSIX
++;; systems, if the game was installed system wide. Use
+ ;; "update-game-score" to add the score to the file in the
+ ;; shared game directory.
+ ;;
+-;; 3. "update-game-score" is setuid, but the file FILE does *not*
+-;; exist in the system wide shared game directory. Use
++;; 3. "update-game-score" is setgid/setuid, but the file FILE does
++;; *not* exist in the system wide shared game directory. Use
+ ;; `gamegrid-add-score-insecure' to create--if necessary--and
+ ;; update FILE. This is for the case that a user has installed
+ ;; a game on her own.
+ ;;
+-;; 4. "update-game-score" is not setuid. Use it to create/update
+-;; FILE in the user's home directory. There is presumably no
+-;; shared game directory.
++;; 4. "update-game-score" is not setgid/setuid. Use it to
++;; create/update FILE in the user's home directory. There is
++;; presumably no shared game directory.
+
+ (defvar gamegrid-shared-game-dir)
+
@@ -491,13 +491,13 @@
(not (zerop (logand (file-modes
(expand-file-name "update-game-score"
@@ -225,7 +258,7 @@ Date: Fri Jan 16 09:25:25 2015 +0100
(file-exists-p (expand-file-name file shared-game-score-directory)))
- ;; Use the setuid "update-game-score" program to update a
- ;; system-wide score file.
-+ ;; Use the setuid (or setgid) "update-game-score" program
++ ;; Use the setgid (or setuid) "update-game-score" program
+ ;; to update a system-wide score file.
(gamegrid-add-score-with-update-game-score-1 file
(expand-file-name file shared-game-score-directory) score))
diff --git a/emacs/24.4/04_all_games-sgid.patch b/emacs/24.4/04_all_games-sgid.patch
index 1c0f43c..882e3ca 100644
--- a/emacs/24.4/04_all_games-sgid.patch
+++ b/emacs/24.4/04_all_games-sgid.patch
@@ -1,6 +1,12 @@
Backport support for update-game-score to run sgid instead of suid.
This comprises parts of the following commits from upstream git:
+commit dbde138155118344b33dfd2db95f688a24a42fec
+Author: Ulrich Müller <ulm@gentoo.org>
+Date: Sun Feb 8 21:00:49 2015 +0100
+
+ configure --with-gameuser now defaults to games group.
+
commit 74ab488ff2e57f31eb5290266f0f3b1995ebf83e
Author: Paul Eggert <eggert@cs.ucla.edu>
Date: Thu Jan 22 00:39:30 2015 -0800
@@ -21,7 +27,7 @@ Date: Fri Jan 16 09:25:25 2015 +0100
--- emacs-24.4-orig/configure.ac
+++ emacs-24.4/configure.ac
-@@ -313,10 +313,25 @@
+@@ -313,10 +313,20 @@
fi
AC_ARG_WITH(gameuser,dnl
@@ -34,24 +40,19 @@ Date: Fri Jan 16 09:25:25 2015 +0100
+ An argument prefixed by ':' specifies a group instead.])])
+gameuser=
+gamegroup=
++# We don't test if we can actually chown/chgrp here, because configure
++# may run without root privileges. lib-src/Makefile.in will handle
++# any errors due to missing user/group gracefully.
+case ${with_gameuser} in
+ no) ;;
-+ "" | yes)
-+ AC_MSG_CHECKING([whether a 'games' user exists])
-+ if id -u games >/dev/null 2>&1; then
-+ AC_MSG_RESULT([yes])
-+ gameuser=games
-+ else
-+ AC_MSG_RESULT([no])
-+ fi
-+ ;;
++ "" | yes) gamegroup=games ;;
+ :*) gamegroup=`echo "${with_gameuser}" | sed -e "s/://"` ;;
+ *) gameuser=${with_gameuser} ;;
+esac
AC_ARG_WITH([gnustep-conf],dnl
[AS_HELP_STRING([--with-gnustep-conf=FILENAME],
-@@ -4658,6 +4673,7 @@
+@@ -4658,6 +4668,7 @@
AC_SUBST(bitmapdir)
AC_SUBST(gamedir)
AC_SUBST(gameuser)
@@ -207,6 +208,38 @@ Date: Fri Jan 16 09:25:25 2015 +0100
return 0;
--- emacs-24.4-orig/lisp/play/gamegrid.el
+++ emacs-24.4/lisp/play/gamegrid.el
+@@ -462,22 +462,22 @@
+ ;; `gamegrid-add-score' was supposed to be used in the past and
+ ;; is covered here for backward-compatibility.
+ ;;
+-;; 2. The helper program "update-game-score" is setuid and the
+-;; file FILE does already exist in a system wide shared game
+-;; directory. This should be the normal case on POSIX systems,
+-;; if the game was installed system wide. Use
++;; 2. The helper program "update-game-score" is setgid or setuid
++;; and the file FILE does already exist in a system wide shared
++;; game directory. This should be the normal case on POSIX
++;; systems, if the game was installed system wide. Use
+ ;; "update-game-score" to add the score to the file in the
+ ;; shared game directory.
+ ;;
+-;; 3. "update-game-score" is setuid, but the file FILE does *not*
+-;; exist in the system wide shared game directory. Use
++;; 3. "update-game-score" is setgid/setuid, but the file FILE does
++;; *not* exist in the system wide shared game directory. Use
+ ;; `gamegrid-add-score-insecure' to create--if necessary--and
+ ;; update FILE. This is for the case that a user has installed
+ ;; a game on her own.
+ ;;
+-;; 4. "update-game-score" is not setuid. Use it to create/update
+-;; FILE in the user's home directory. There is presumably no
+-;; shared game directory.
++;; 4. "update-game-score" is not setgid/setuid. Use it to
++;; create/update FILE in the user's home directory. There is
++;; presumably no shared game directory.
+
+ (defvar gamegrid-shared-game-dir)
+
@@ -486,13 +486,13 @@
(not (zerop (logand (file-modes
(expand-file-name "update-game-score"
@@ -219,7 +252,7 @@ Date: Fri Jan 16 09:25:25 2015 +0100
(file-exists-p (expand-file-name file shared-game-score-directory)))
- ;; Use the setuid "update-game-score" program to update a
- ;; system-wide score file.
-+ ;; Use the setuid (or setgid) "update-game-score" program
++ ;; Use the setgid (or setuid) "update-game-score" program
+ ;; to update a system-wide score file.
(gamegrid-add-score-with-update-game-score-1 file
(expand-file-name file shared-game-score-directory) score))