[zypp-commit] r7298 - in /trunk/zypper: package/zypper.changes src/zypp-checkpatches-wrapper.c

Author: aschnell Date: Tue Sep 18 18:00:53 2007 New Revision: 7298 URL: http://svn.opensuse.org/viewcvs/zypp?rev=7298&view=rev Log: - check file-descriptors 0, 1 and 2 in zypp-checkpatches-wrapper Modified: trunk/zypper/package/zypper.changes trunk/zypper/src/zypp-checkpatches-wrapper.c Modified: trunk/zypper/package/zypper.changes URL: http://svn.opensuse.org/viewcvs/zypp/trunk/zypper/package/zypper.changes?rev=7298&r1=7297&r2=7298&view=diff ============================================================================== --- trunk/zypper/package/zypper.changes (original) +++ trunk/zypper/package/zypper.changes Tue Sep 18 18:00:53 2007 @@ -1,7 +1,8 @@ ------------------------------------------------------------------- Tue Sep 18 17:48:16 CEST 2007 - aschnell@suse.de -- call setgid and umask in zypp-checkpatches-wrapper (bug #325556) +- call setgid and umask and check file-descriptors 0, 1 and 2 in + zypp-checkpatches-wrapper (bug #325556) ------------------------------------------------------------------- Tue Sep 18 13:02:21 CEST 2007 - dmacvicar@suse.de Modified: trunk/zypper/src/zypp-checkpatches-wrapper.c URL: http://svn.opensuse.org/viewcvs/zypp/trunk/zypper/src/zypp-checkpatches-wrapper.c?rev=7298&r1=7297&r2=7298&view=diff ============================================================================== --- trunk/zypper/src/zypp-checkpatches-wrapper.c (original) +++ trunk/zypper/src/zypp-checkpatches-wrapper.c Tue Sep 18 18:00:53 2007 @@ -1,12 +1,13 @@ /* A setuid-root wrapper for zypper refresh repositories */ -/* setgid and umask */ +/* setgid, umask and open */ #include #include #include +#include /* clearenv */ #include -/* chdir, execl, setuid */ +/* chdir, execl, setuid, exit */ #include /* perror */ #include @@ -19,7 +20,20 @@ const char *arg3 = "-q"; const char *arg4 = "xu"; -int main (void) { +int main (void) +{ + /* see http://rechner.lst.de/~okir/blackhats/node41.html */ + while (1) { + int fd; + fd = open("/dev/null", O_RDWR); + if (fd < 0) + return WRAPPER_ERROR; + if (fd > 2) { + close(fd); + break; + } + } + /* cd / to avoid NFS problems */ if (chdir ("/")) { perror ("chdir"); -- To unsubscribe, e-mail: zypp-commit+unsubscribe@opensuse.org For additional commands, e-mail: zypp-commit+help@opensuse.org