Diffstat (limited to 'emacs')
-rw-r--r-- | emacs/24.5/04_all_games-sgid.patch | 259 |
1 files changed, 259 insertions, 0 deletions
diff --git a/emacs/24.5/04_all_games-sgid.patch b/emacs/24.5/04_all_games-sgid.patch
new file mode 100644
index 0000000..882e3ca
--- /dev/null
+++ b/emacs/24.5/04_all_games-sgid.patch
@@ -0,0 +1,259 @@
+Backport support for update-game-score to run sgid instead of suid.
+This comprises parts of the following commits from upstream git:
+
+commit dbde138155118344b33dfd2db95f688a24a42fec
+Author: Ulrich Müller <ulm@gentoo.org>
+Date: Sun Feb 8 21:00:49 2015 +0100
+
+ configure --with-gameuser now defaults to games group.
+
+commit 74ab488ff2e57f31eb5290266f0f3b1995ebf83e
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date: Thu Jan 22 00:39:30 2015 -0800
+
+ Check exit statuses in lib-src/Makefile
+
+commit 7f4e7dd378c456b498c270b47b46aaae365a72ab
+Author: Ulrich Müller <ulm@gentoo.org>
+Date: Thu Jan 22 08:24:42 2015 +0100
+
+ Don't fail if chown or chgrp for 'update-game-score' is unsuccessful.
+
+commit 20f66485526b69eb26f2e70bd835a5e1333559d5
+Author: Ulrich Müller <ulm@gentoo.org>
+Date: Fri Jan 16 09:25:25 2015 +0100
+
+ Allow update-game-score to run sgid instead of suid.
+
+--- emacs-24.4-orig/configure.ac
++++ emacs-24.4/configure.ac
+@@ -313,10 +313,20 @@
+ fi
+
+ AC_ARG_WITH(gameuser,dnl
+-[AS_HELP_STRING([--with-gameuser=USER],[user for shared game score files])])
+-test "X${with_gameuser}" != X && test "${with_gameuser}" != yes \
+- && gameuser="${with_gameuser}"
+-test "X$gameuser" = X && gameuser=games
++[AS_HELP_STRING([--with-gameuser=USER_OR_GROUP],
++ [user for shared game score files.
++ An argument prefixed by ':' specifies a group instead.])])
++gameuser=
++gamegroup=
++# We don't test if we can actually chown/chgrp here, because configure
++# may run without root privileges. lib-src/Makefile.in will handle
++# any errors due to missing user/group gracefully.
++case ${with_gameuser} in
++ no) ;;
++ "" | yes) gamegroup=games ;;
++ :*) gamegroup=`echo "${with_gameuser}" | sed -e "s/://"` ;;
++ *) gameuser=${with_gameuser} ;;
++esac
+
+ AC_ARG_WITH([gnustep-conf],dnl
+ [AS_HELP_STRING([--with-gnustep-conf=FILENAME],
+@@ -4658,6 +4668,7 @@
+ AC_SUBST(bitmapdir)
+ AC_SUBST(gamedir)
+ AC_SUBST(gameuser)
++AC_SUBST(gamegroup)
+ ## FIXME? Nothing uses @LD_SWITCH_X_SITE@.
+ ## src/Makefile.in did add LD_SWITCH_X_SITE (as a cpp define) to the
+ ## end of LIBX_BASE, but nothing ever set it.
+--- emacs-24.4-orig/lib-src/Makefile.in
++++ emacs-24.4/lib-src/Makefile.in
+@@ -101,6 +101,7 @@
+
+ gamedir=@gamedir@
+ gameuser=@gameuser@
++gamegroup=@gamegroup@
+
+ # ==================== Utility Programs for the Build =================
+
+@@ -243,10 +244,25 @@
+ umask 022; ${MKDIR_P} "$(DESTDIR)${gamedir}"; \
+ touch "$(DESTDIR)${gamedir}/snake-scores"; \
+ touch "$(DESTDIR)${gamedir}/tetris-scores"
+- -if chown ${gameuser} "$(DESTDIR)${archlibdir}/update-game-score${EXEEXT}" && chmod u+s "$(DESTDIR)${archlibdir}/update-game-score${EXEEXT}"; then \
+- chown ${gameuser} "$(DESTDIR)${gamedir}"; \
++ifneq ($(gameuser),)
++ if chown ${gameuser} \
++ "$(DESTDIR)${archlibdir}/update-game-score${EXEEXT}" && \
++ chmod u+s,go-r \
++ "$(DESTDIR)${archlibdir}/update-game-score${EXEEXT}"; \
++ then \
++ chown ${gameuser} "$(DESTDIR)${gamedir}" && \
++ chmod u=rwx,g=rx,o=rx "$(DESTDIR)${gamedir}"; \
++ fi
++else ifneq ($(gamegroup),)
++ if chgrp ${gamegroup} \
++ "$(DESTDIR)${archlibdir}/update-game-score${EXEEXT}" && \
++ chmod g+s,o-r \
++ "$(DESTDIR)${archlibdir}/update-game-score${EXEEXT}"; \
++ then \
++ chgrp ${gamegroup} "$(DESTDIR)${gamedir}" && \
+ chmod u=rwx,g=rwx,o=rx "$(DESTDIR)${gamedir}"; \
+ fi
++endif
+ exp_archlibdir=`cd "$(DESTDIR)${archlibdir}" && /bin/pwd`; \
+ if [ "$$exp_archlibdir" != "`cd ${srcdir} && /bin/pwd`" ]; then \
+ for file in ${SCRIPTS}; do \
+--- emacs-24.4-orig/lib-src/update-game-score.c
++++ emacs-24.4/lib-src/update-game-score.c
+@@ -21,8 +21,8 @@
+
+
+ /* This program allows a game to securely and atomically update a
+- score file. It should be installed setuid, owned by an appropriate
+- user like `games'.
++ score file. It should be installed either setuid or setgid, owned
++ by an appropriate user or group like `games'.
+
+ Alternatively, it can be compiled without HAVE_SHARED_GAME_DIR
+ defined, and in that case it will store scores in the user's home
+@@ -89,7 +89,7 @@
+ ptrdiff_t *size, struct score_entry const *newscore);
+ static void sort_scores (struct score_entry *scores, ptrdiff_t count,
+ bool reverse);
+-static int write_scores (const char *filename,
++static int write_scores (const char *filename, mode_t mode,
+ const struct score_entry *scores, ptrdiff_t count);
+
+ static _Noreturn void
+@@ -122,18 +122,19 @@
+ }
+
+ static const char *
+-get_prefix (bool running_suid, const char *user_prefix)
++get_prefix (bool privileged, const char *user_prefix)
+ {
+- if (!running_suid && user_prefix == NULL)
+- lose ("Not using a shared game directory, and no prefix given.");
+- if (running_suid)
++ if (privileged)
+ {
+ #ifdef HAVE_SHARED_GAME_DIR
+ return HAVE_SHARED_GAME_DIR;
+ #else
+- lose ("This program was compiled without HAVE_SHARED_GAME_DIR,\n and should not be suid.");
++ lose ("This program was compiled without HAVE_SHARED_GAME_DIR,\n"
++ "and should not run with elevated privileges.");
+ #endif
+ }
++ if (user_prefix == NULL)
++ lose ("Not using a shared game directory, and no prefix given.");
+ return user_prefix;
+ }
+
+@@ -141,7 +142,7 @@
+ main (int argc, char **argv)
+ {
+ int c;
+- bool running_suid;
++ bool running_suid, running_sgid;
+ void *lockstate;
+ char *scorefile;
+ char *nl;
+@@ -183,8 +184,11 @@
+ usage (EXIT_FAILURE);
+
+ running_suid = (getuid () != geteuid ());
++ running_sgid = (getgid () != getegid ());
++ if (running_suid && running_sgid)
++ lose ("This program can run either suid or sgid, but not both.");
+
+- prefix = get_prefix (running_suid, user_prefix);
++ prefix = get_prefix (running_suid || running_sgid, user_prefix);
+
+ scorefile = malloc (strlen (prefix) + strlen (argv[optind]) + 2);
+ if (!scorefile)
+@@ -234,7 +238,8 @@
+ scores += scorecount - max_scores;
+ scorecount = max_scores;
+ }
+- if (write_scores (scorefile, scores, scorecount) < 0)
++ if (write_scores (scorefile, running_sgid ? 0664 : 0644,
++ scores, scorecount) < 0)
+ {
+ unlock_file (scorefile, lockstate);
+ lose_syserr ("Failed to write scores file");
+@@ -429,8 +434,8 @@
+ }
+
+ static int
+-write_scores (const char *filename, const struct score_entry *scores,
+- ptrdiff_t count)
++write_scores (const char *filename, mode_t mode,
++ const struct score_entry *scores, ptrdiff_t count)
+ {
+ int fd;
+ FILE *f;
+@@ -444,7 +449,7 @@
+ if (fd < 0)
+ return -1;
+ #ifndef DOS_NT
+- if (fchmod (fd, 0644) != 0)
++ if (fchmod (fd, mode) != 0)
+ return -1;
+ #endif
+ f = fdopen (fd, "w");
+@@ -460,7 +465,7 @@
+ if (rename (tempfile, filename) != 0)
+ return -1;
+ #ifdef DOS_NT
+- if (chmod (filename, 0644) < 0)
++ if (chmod (filename, mode) < 0)
+ return -1;
+ #endif
+ return 0;
+--- emacs-24.4-orig/lisp/play/gamegrid.el
++++ emacs-24.4/lisp/play/gamegrid.el
+@@ -462,22 +462,22 @@
+ ;; `gamegrid-add-score' was supposed to be used in the past and
+ ;; is covered here for backward-compatibility.
+ ;;
+-;; 2. The helper program "update-game-score" is setuid and the
+-;; file FILE does already exist in a system wide shared game
+-;; directory. This should be the normal case on POSIX systems,
+-;; if the game was installed system wide. Use
++;; 2. The helper program "update-game-score" is setgid or setuid
++;; and the file FILE does already exist in a system wide shared
++;; game directory. This should be the normal case on POSIX
++;; systems, if the game was installed system wide. Use
+ ;; "update-game-score" to add the score to the file in the
+ ;; shared game directory.
+ ;;
+-;; 3. "update-game-score" is setuid, but the file FILE does *not*
+-;; exist in the system wide shared game directory. Use
++;; 3. "update-game-score" is setgid/setuid, but the file FILE does
++;; *not* exist in the system wide shared game directory. Use
+ ;; `gamegrid-add-score-insecure' to create--if necessary--and
+ ;; update FILE. This is for the case that a user has installed
+ ;; a game on her own.
+ ;;
+-;; 4. "update-game-score" is not setuid. Use it to create/update
+-;; FILE in the user's home directory. There is presumably no
+-;; shared game directory.
++;; 4. "update-game-score" is not setgid/setuid. Use it to
++;; create/update FILE in the user's home directory. There is
++;; presumably no shared game directory.
+
+ (defvar gamegrid-shared-game-dir)
+
+@@ -486,13 +486,13 @@
+ (not (zerop (logand (file-modes
+ (expand-file-name "update-game-score"
+ exec-directory))
+- #o4000)))))
++ #o6000)))))
+ (cond ((file-name-absolute-p file)
+ (gamegrid-add-score-insecure file score))
+ ((and gamegrid-shared-game-dir
+ (file-exists-p (expand-file-name file shared-game-score-directory)))
+- ;; Use the setuid "update-game-score" program to update a
+- ;; system-wide score file.
++ ;; Use the setgid (or setuid) "update-game-score" program
++ ;; to update a system-wide score file.
+ (gamegrid-add-score-with-update-game-score-1 file
+ (expand-file-name file shared-game-score-directory) score))
+ ;; Else: Add the score to a score file in the user's home |
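Review bot: The rewritten header comment in the update-game-score.c hunk (`It should be installed either setuid or setgid, ...`) does not say what the setgid layout implies for the trust boundary: the Makefile.in hunk makes the score directory group-writable in the sgid branch (`chmod u=rwx,g=rwx,o=rx`, versus `g=rx` in the suid branch) and main now passes `running_sgid ? 0664 : 0644` to write_scores, so under setgid every member of the game group can alter score files directly, not only through the helper. I would add a sentence to that header comment such as `When installed setgid, the shared score directory and the score files it writes are group-writable, so membership of that group amounts to write access to all scores; the group should be reserved for the helper rather than contain ordinary users.` The `0664` argument in main is likewise unexplained; a short comment at that call, e.g. `/* sgid: scores are shared through the group, so keep new files group-writable.  */`, would tell the next reader why the mode differs from the suid case. main's body continues outside the hunk.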