diff options
Diffstat (limited to 'packages/gnupg/gnupg-1.4.0/16_min_privileges.patch')
| -rw-r--r-- | packages/gnupg/gnupg-1.4.0/16_min_privileges.patch | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/packages/gnupg/gnupg-1.4.0/16_min_privileges.patch b/packages/gnupg/gnupg-1.4.0/16_min_privileges.patch index e69de29bb2..b29233b33b 100644 --- a/packages/gnupg/gnupg-1.4.0/16_min_privileges.patch +++ b/packages/gnupg/gnupg-1.4.0/16_min_privileges.patch @@ -0,0 +1,68 @@ +--- gnupg-1.4.0/g10/g10.c 2004-12-16 09:47:36.000000000 +0000 ++++ /tmp/dpep.O5S02c/gnupg-1.4.0/g10/g10.c 2005-02-03 23:31:40.645873299 +0000 +@@ -69,6 +69,11 @@ + #endif + + ++#ifdef USE_CAPABILITIES ++#include <sys/capability.h> ++#include <sys/prctl.h> ++#endif ++ + enum cmd_and_opt_values + { + aNull = 0, +@@ -1618,6 +1623,10 @@ + #ifdef USE_SHM_COPROCESSING + ulong requested_shm_size=0; + #endif ++#ifdef USE_CAPABILITIES ++ uid_t curr_uid; ++ cap_t caps; ++#endif + + #ifdef __riscos__ + opt.lock_once = 1; +@@ -1629,6 +1638,33 @@ + * when adding any stuff between here and the call to + * secmem_init() somewhere after the option parsing + */ ++ ++ /* if we use capabilities and run as root, we can immediately setuid back ++ * to the normal user and only keep CAP_IPC_LOCK until the shared memory is ++ * set up. ++ */ ++#ifdef USE_CAPABILITIES ++ curr_uid = getuid(); ++ if( curr_uid && !geteuid() ) { /* we are setuid root */ ++ if( prctl( PR_SET_KEEPCAPS, 1, 0, 0, 0 ) ) { ++ perror( "main(): could not keep capabilities" ); ++ return -100; ++ } ++ ++ if( setuid( curr_uid ) ) { ++ perror( "main(): could not set user id" ); ++ return -100; ++ } ++ ++ caps = cap_from_text( "cap_ipc_lock=p" ); ++ if( cap_set_proc( caps ) ) { ++ perror( "main(): could not install capabilities" ); ++ return -100; ++ } ++ cap_free( caps ); ++ } ++#endif ++ + log_set_name("gpg"); + secure_random_alloc(); /* put random number into secure memory */ + may_coredump = disable_core_dumps(); +@@ -1747,7 +1783,7 @@ + } + #endif + /* initialize the secure memory. */ +- got_secmem=secmem_init( 32768 ); ++ got_secmem=secmem_init( 32768 ); /* this will drop all remaining privileges */ + maybe_setuid = 0; + /* Okay, we are now working under our real uid */ + |