summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZac Medico <zmedico@gentoo.org>2016-12-13 09:07:46 -0800
committerZac Medico <zmedico@gentoo.org>2016-12-13 09:11:05 -0800
commit012351c00a0b366bbf052222306cf939e9471db1 (patch)
tree9343b85643b2b8db908309e9a953640db2443e65
parentapp-emulation/docker: Version bump to 1.12.4 (diff)
downloadgentoo-012351c00a0b366bbf052222306cf939e9471db1.tar.gz
gentoo-012351c00a0b366bbf052222306cf939e9471db1.tar.bz2
gentoo-012351c00a0b366bbf052222306cf939e9471db1.zip
net-misc/peervpn: 0.044-r1 revbump for bug 602550
Fix the openrc init script start_post function to use the chown --no-dereference option in order to prevent privilege escalation attacks. X-Gentoo-bug: 602550 X-Gentoo-bug-url: https://bugs.gentoo.org/show_bug.cgi?id=602550 Package-Manager: portage-2.3.3
-rw-r--r--net-misc/peervpn/files/peervpn.initd4
-rw-r--r--net-misc/peervpn/peervpn-0.044-r1.ebuild (renamed from net-misc/peervpn/peervpn-0.044.ebuild)0
2 files changed, 3 insertions, 1 deletions
diff --git a/net-misc/peervpn/files/peervpn.initd b/net-misc/peervpn/files/peervpn.initd
index 3174dc67f68..0f891b32221 100644
--- a/net-misc/peervpn/files/peervpn.initd
+++ b/net-misc/peervpn/files/peervpn.initd
@@ -27,5 +27,7 @@ start_pre() {
}
start_post() {
- chown "${user}":"${group}" "${logfile}"
+ # Use --no-dereference to prevent privilege escalation
+ # attacks. Fixes bug #602550.
+ chown --no-dereference "${user}":"${group}" "${logfile}"
}
diff --git a/net-misc/peervpn/peervpn-0.044.ebuild b/net-misc/peervpn/peervpn-0.044-r1.ebuild
index 52e1451c5f7..52e1451c5f7 100644
--- a/net-misc/peervpn/peervpn-0.044.ebuild
+++ b/net-misc/peervpn/peervpn-0.044-r1.ebuild