File man-db-2.6.5-security4.dif of Package man

Overview Repositories Revisions Requests Users Attributes Meta

File man-db-2.6.5-security4.dif of Package man

---
 src/mandb.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git src/mandb.c src/mandb.c
index 86b9e97..5b8c57d 100644
--- src/mandb.c
+++ src/mandb.c
@@ -37,6 +37,7 @@
 #include <errno.h>
 #include <sys/types.h>
 #include <sys/stat.h>	/* for chmod() */
+#include <fcntl.h>	/* for open () */
 #include <dirent.h>
 #include <unistd.h>
 #include <signal.h>
@@ -422,10 +423,19 @@ static int mandb (const char *catpath, const char *manpath)
 	char *dbname;
 	char *cachedir_tag;
 	struct stat st;
+	int fd;
 
 	dbname = mkdbname (catpath);
 	database = xasprintf ("%s/%d", catpath, getpid ());
 
+	/* Just for the case that catpath isn't a system catpath */
+	drop_effective_privs ();
+	fd = open (database, O_WRONLY | O_CREAT | O_EXCL, 0644);
+	regain_effective_privs ();
+	if (fd < 0)
+		error (FATAL, errno, _("can't create a temporary filename"));
+	close(fd);
+
 	if (!quiet) 
 		printf (_("Processing manual pages under %s...\n"), manpath);
 
@@ -433,6 +443,7 @@ static int mandb (const char *catpath, const char *manpath)
 	if (stat (cachedir_tag, &st) == -1 && errno == ENOENT) {
 		FILE *cachedir_tag_file;
 
+		drop_effective_privs ();
 		cachedir_tag_file = fopen (cachedir_tag, "w");
 		if (cachedir_tag_file) {
 			fputs ("Signature: 8a477f597d28d172789f06886806bc55\n"
@@ -444,6 +455,7 @@ static int mandb (const char *catpath, const char *manpath)
 			       cachedir_tag_file);
 			fclose (cachedir_tag_file);
 		}
+		regain_effective_privs ();
 	}
 	free (cachedir_tag);
 
-- 
1.8.4.5

Places

File man-db-2.6.5-security4.dif of Package man

Places