From d9b67c242d93bd6d9da12d7d62ebb63ca57c322c Mon Sep 17 00:00:00 2001
From: Kris Kennaway <kris@FreeBSD.org>
Date: Tue, 4 Sep 2001 19:20:42 +0000
Subject: Patch against a bug which is a local root vulnerability on other
 platforms, but which I could not repeat on FreeBSD.  It may still be a
 problem, but it looks like screen was already dropping privilege before the
 operation in question.

Submitted by:	Roman Drahtmueller <draht@suse.de>
---
 misc/screen/files/patch-sec1 | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 misc/screen/files/patch-sec1

(limited to 'misc/screen/files/patch-sec1')

diff --git a/misc/screen/files/patch-sec1 b/misc/screen/files/patch-sec1
new file mode 100644
index 000000000000..abeeb0c48b68
--- /dev/null
+++ b/misc/screen/files/patch-sec1
@@ -0,0 +1,13 @@
+--- screen.c.orig	Fri May 25 16:40:10 2001
++++ screen.c	Mon Sep  3 15:48:24 2001
+@@ -1061,6 +1061,10 @@
+ 	  Attacher();
+ 	  /* NOTREACHED */
+ 	}
++#ifdef MULTIUSER
++      if (multiattach)
++	Panic(0, "Can't create sessions of other users.");
++#endif 
+       debug("screen -r: backend not responding -- still crying\n");
+     }
+   else if (dflag && !mflag)
-- 
cgit v1.2.3