packages: libgnomesu/libgnomesu-safe-path.patch (NEW) - merged from OpenSUS...

hawk hawk at pld-linux.org
Thu Nov 25 10:41:23 CET 2010 

Author: hawk                         Date: Thu Nov 25 09:41:23 2010 GMT
Module: packages                      Tag: HEAD
---- Log message:
- merged from OpenSUSE: when making $PATH safer, try to keep what's
  relevant from $PATH

---- Files affected:
packages/libgnomesu:
   libgnomesu-safe-path.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: packages/libgnomesu/libgnomesu-safe-path.patch
diff -u /dev/null packages/libgnomesu/libgnomesu-safe-path.patch:1.1
--- /dev/null	Thu Nov 25 10:41:23 2010
+++ packages/libgnomesu/libgnomesu-safe-path.patch	Thu Nov 25 10:41:17 2010
@@ -0,0 +1,44 @@
+Index: libgnomesu-1.0.0/su-backend/common.c
+===================================================================
+--- libgnomesu-1.0.0.orig/su-backend/common.c
++++ libgnomesu-1.0.0/su-backend/common.c
+@@ -170,10 +170,35 @@ modify_environment (const struct passwd
+ 	    || (strlen (path) > 2 && strcmp (path + strlen (path) - 2, ":.") == 0)
+ 	    || strcmp (path, ".") == 0))
+ 	{
+-		/* Reset PATH to a reasonably safe list of directories */
+-		path = (pw->pw_uid) ? DEFAULT_LOGIN_PATH : DEFAULT_ROOT_LOGIN_PATH;
+-		setenv ("PATH", path, 1);
+-	} else if (!path)
++		char **paths;
++		char **new_paths;
++		int    path_len;
++		int    i, j;
++
++		paths = g_strsplit (path, ":", -1);
++		path_len = g_strv_length (paths);
++		new_paths = g_new0 (char *, path_len);
++
++		j = 0;
++		for (i = 0; i < path_len; i++) {
++			if (paths[i] && !strchr(paths[i], '.')) {
++				new_paths[j++] = g_strdup (paths[i]);
++			}
++		}
++
++		g_strfreev (paths);
++		if (j != 0) {
++			char *new_path;
++			new_path = g_strjoinv (":", new_paths);
++			setenv ("PATH", new_path, 1);
++			g_free (new_path);
++		} else {
++			/* make sure we set PATH to something below */
++			path = NULL;
++		}
++	}
++	
++	if (!path)
+ 		xputenv (concat ("PATH", "=",
+ 			(pw->pw_uid) ? DEFAULT_LOGIN_PATH : DEFAULT_ROOT_LOGIN_PATH));
+ 
================================================================

More information about the pld-cvs-commit mailing list