Mercurial > pkg
changeset 20:c75924bd38e3
fix security hole relating to path for package user.
| author | Robert McIntyre <rlm@mit.edu> |
|---|---|
| date | Thu, 10 Jan 2013 04:25:17 +0000 |
| parents | 4fbe69d24a9c |
| children | d46aeb3166d0 |
| files | src/hg-wrapper.c src/pkg.pl src/system-init.pl |
| diffstat | 3 files changed, 7 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
1.1 --- a/src/hg-wrapper.c Wed Jan 09 12:32:58 2013 +0000 1.2 +++ b/src/hg-wrapper.c Thu Jan 10 04:25:17 2013 +0000 1.3 @@ -2,7 +2,8 @@ 1.4 #include <unistd.h> 1.5 1.6 main( int argc, char ** argv){ 1.7 - pipecmd* p = pipecmd_new("hg"); 1.8 + pipecmd* p = 1.9 + pipecmd_new("/pkg/hg-committer/hg"); 1.10 1.11 int i; 1.12 for(i = 1; i < argc; i++){
2.1 --- a/src/pkg.pl Wed Jan 09 12:32:58 2013 +0000 2.2 +++ b/src/pkg.pl Thu Jan 10 04:25:17 2013 +0000 2.3 @@ -79,7 +79,7 @@ 2.4 2.5 @pkg_copy_hg_wrapper_cmd = 2.6 (install, "-g", "hg-wheel", "-o", "hg-committer", 2.7 - "-m", "6111", "/pkg/hg-committer/.hg-wrapper", $pkg_home); 2.8 + "-m", "6111", "/pkg/hg-committer/hg-wrapper", "$pkg_home/.hg-wrapper"); 2.9 2.10 sub execute{print "\t@_\n"; system(@_) and die $!;} 2.11
3.1 --- a/src/system-init.pl Wed Jan 09 12:32:58 2013 +0000 3.2 +++ b/src/system-init.pl Thu Jan 10 04:25:17 2013 +0000 3.3 @@ -126,8 +126,10 @@ 3.4 3.5 $pwd = getcwd; 3.6 execute("gpasswd --add hg-committer hg-wheel"); 3.7 -execute("ln -sfv $pwd/profile /pkg/hg-committer/.profile"); 3.8 -execute("ln -sfv $pwd/hg-wrapper /pkg/hg-committer/.hg-wrapper"); 3.9 +execute("ln -sf $pwd/profile /pkg/hg-committer/.profile"); 3.10 +execute("ln -sf $pwd/hg-wrapper /pkg/hg-committer/"); 3.11 +execute("ln -sf `which hg` /pkg/hg-committer/"); 3.12 3.13 3.14 3.15 +