[arch-commits] Commit in xbill/repos (3 files)

Eric Bélanger eric at archlinux.org
Tue Dec 23 06:11:22 UTC 2008 

    Date: Tuesday, December 23, 2008 @ 01:11:22
  Author: eric
Revision: 22212

Merged revisions 22211 via svnmerge from 
svn+ssh://svn.archlinux.org/srv/svn-packages/xbill/trunk

........
  r22211 | eric | 2008-12-23 01:10:49 -0500 (Tue, 23 Dec 2008) | 2 lines
  
  upgpkg: xbill 2.1-6
      Switched from gtk to athena toolkit. This removed the need of the wrapper script that introduced a security hazard (close FS#12484).
........

Modified:
  xbill/repos/testing-x86_64/	(properties)
  xbill/repos/testing-x86_64/PKGBUILD
Deleted:
  xbill/repos/testing-x86_64/xbill-wrapper.c

-----------------+
 PKGBUILD        |   19 +++++-------
 xbill-wrapper.c |   82 ------------------------------------------------------
 2 files changed, 8 insertions(+), 93 deletions(-)


Property changes on: xbill/repos/testing-x86_64
___________________________________________________________________
Modified: svnmerge-integrated
   - /xbill/trunk:1-21759
   + /xbill/trunk:1-22211

Modified: testing-x86_64/PKGBUILD
===================================================================
--- testing-x86_64/PKGBUILD	2008-12-23 06:10:49 UTC (rev 22211)
+++ testing-x86_64/PKGBUILD	2008-12-23 06:11:22 UTC (rev 22212)
@@ -4,30 +4,27 @@
 
 pkgname=xbill
 pkgver=2.1
-pkgrel=5
+pkgrel=6
 pkgdesc="Xbill is a game that tests you reflexes as you seek and destroy all forms of Bill"
 arch=('i686' 'x86_64')
 url="http://www.xbill.org/"
 license=('GPL')
-depends=('gtk' 'xaw3d>=1.5E' 'lesstif')
-makedepends=('libxaw')
+depends=('xaw3d>=1.5E' 'libxaw')
 install=xbill.install
-source=(http://www.xbill.org/download/$pkgname-$pkgver.tar.gz xbill-wrapper.c)
-md5sums=('585e4866b15255a24203db9959407b2f' '9f299e482623999b03ce7585413bc182')
+source=(http://www.xbill.org/download/$pkgname-$pkgver.tar.gz)
+md5sums=('585e4866b15255a24203db9959407b2f')
 
 build() {
   cd $srcdir/$pkgname-$pkgver
-  ./configure --prefix=/usr --mandir=/usr/share/man --localstatedir=/var/games || return 1
+  ./configure --prefix=/usr --mandir=/usr/share/man --localstatedir=/var/games \
+  --disable-motif  --enable-athena --disable-gtk || return 1
   make || return 1
   make DESTDIR=$pkgdir install || return 1
 
-# Build wrapper script from Slackware to use setgid for score file
-  mv $pkgdir/usr/bin/xbill $pkgdir/usr/bin/xbill-bin
-  gcc -Wall ../xbill-wrapper.c -o $pkgdir/usr/bin/xbill || return 1
-
 # set appropriate permissions and destinations
   chown root:games $pkgdir/usr/bin/xbill
-  chmod 4755 $pkgdir/usr/bin/xbill
+  chmod 2755 $pkgdir/usr/bin/xbill
+
   chown root:games $pkgdir/var/games
   chmod 775 $pkgdir/var/games
   chown root:games $pkgdir/var/games/xbill

Deleted: testing-x86_64/xbill-wrapper.c
===================================================================
--- testing-x86_64/xbill-wrapper.c	2008-12-23 06:10:49 UTC (rev 22211)
+++ testing-x86_64/xbill-wrapper.c	2008-12-23 06:11:22 UTC (rev 22212)
@@ -1,82 +0,0 @@
-/* Written by Menno E. Duursma for use with xbill */
-
-/*
- * This program is free software. It comes without any warranty.
- * Granted WTFPL, Version 2, as published by Sam Hocevar. See
- * http://sam.zoy.org/wtfpl/COPYING for more details.
- */
-
-/*
- * Per default xbill sets its score file world writable
- * which obviously allows cheating ones hi-score :-(
- * Probably this came about since GTK+ doesn't allow setgid?
- * 
- * In the install-script we move xbill to xbill-bin and install
- * this here wrapper thing as xbill, with setuid and video group
- * executable filesystem perms. Here we change groups to games.
- *
- * We should now be able make /var/xbill group-writable only...
- */
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <unistd.h>
-#include <errno.h>
-#include <string.h>
-#include <grp.h>
-
-int main(int argc, char *argv[], char *envp[])
-{
-
-	/*
-         * hardcoded path/program to exec
-	 * and group to run under
-	 */
-        char prog[] = "/usr/bin/xbill-bin";
-	char grpname[] = "games";
-
-	struct group *grp;
-	errno = 0;
-
-	/* get our gid */
-	grp = getgrnam(grpname);
-	if (grp == NULL) {
-		fprintf(stderr, "Error: getgrnam(%s) - %s\n",
-			grpname,
-			strerror(errno));
-		exit(EXIT_FAILURE);
-	}
-
-	/* drop to the gid */
-	if (setgid(grp->gr_gid)) {
-		fprintf(stderr, "Error: setgid(%d) - %s\n",
-			grp->gr_gid,
-			strerror(errno));
-		exit(EXIT_FAILURE);
-	}
-		
-
-        /* drop back to calling uid */
-	if (setuid(getuid())) {
-		fprintf(stderr, "Error: setuid(%d) - %s\n",
-			getuid(),
-			strerror(errno));
-		exit(EXIT_FAILURE);
-		}
-
-        /* tell the viewers wat is going to happen */
-        fprintf(stderr, "Starting %s with uid = %d, gid = %d\n",
-		prog,
-		getuid(),
-		getgid());
-
-	/* fire it up */
-	if (execve(prog, argv, envp) == -1) {
-		fprintf(stderr, "Error: execve(%s, argv, envp) - %s\n",
-			prog,
-			strerror(errno));
-		exit(EXIT_FAILURE);
-	}
-
-	return EXIT_SUCCESS;
-}

More information about the arch-commits mailing list