diff options
| author | Brooks Davis <brooks@FreeBSD.org> | 2006-01-23 21:28:51 +0000 |
|---|---|---|
| committer | Brooks Davis <brooks@FreeBSD.org> | 2006-01-23 21:28:51 +0000 |
| commit | c4e811d664ee417149412725cc5e9cfa00f3bec1 (patch) | |
| tree | 70c059bbb0435a575541375eb74a08920a66e60d /sysutils/sge53/files/patch-3rdparty_remote_rsh.c | |
| parent | Add to hamradio virtual category. (diff) | |
Fix a local root exploit in SGE and SGEEE. In sysutils/sge upgrade to
the security release 6.0.7.1. For sysutils/sge53 and sysutils/sgeee53
(a slave of sge53), patch directly. While I'm here deprecate SGE 5.3.
Obtained from: Sun
Security: 57a0242d-8c4e-11da-8ddf-000ae42e9b93 (VuXML)
Notes
Notes:
svn path=/head/; revision=154293
Diffstat (limited to 'sysutils/sge53/files/patch-3rdparty_remote_rsh.c')
| -rw-r--r-- | sysutils/sge53/files/patch-3rdparty_remote_rsh.c | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/sysutils/sge53/files/patch-3rdparty_remote_rsh.c b/sysutils/sge53/files/patch-3rdparty_remote_rsh.c new file mode 100644 index 000000000000..6bd881b50596 --- /dev/null +++ b/sysutils/sge53/files/patch-3rdparty_remote_rsh.c @@ -0,0 +1,49 @@ + +$FreeBSD$ + +--- 3rdparty/remote/rsh.c.orig ++++ 3rdparty/remote/rsh.c +@@ -141,7 +141,7 @@ + struct passwd *pw; + struct servent *sp; + long omask = 0; +- int argoff, asrsh, ch, dflag, nflag, one, rem; ++ int argoff, ch, dflag, nflag, one, rem; + pid_t pid = 0; + uid_t uid; + char *args, *host, *p, *user; +@@ -156,7 +156,7 @@ + sigset_t set; + #endif + +- argoff = asrsh = dflag = nflag = 0; ++ argoff = dflag = nflag = 0; + one = 1; + host = user = NULL; + +@@ -167,8 +167,6 @@ + p = argv[0]; + if (strcmp(p, "rsh")) + host = p; +- else +- asrsh = 1; + + /* handle "rsh host flags" */ + if (!host && argc > 2 && argv[1][0] != '-') { +@@ -241,13 +239,9 @@ + if (!host && !(host = argv[optind++])) + usage(); + +- /* if no further arguments, must have been called as rlogin. */ +- if (!argv[optind]) { +- if (asrsh) +- *argv = "rlogin"; +- execvp("rlogin", argv); +- fprintf(stderr, "can't exec %s", "rlogin"); +- } ++ /* if no further arguments, error. We don't call rlogin! */ ++ if (!argv[optind]) ++ usage(); + + argc -= optind; + argv += optind; |