[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: new module 'pt_chown'
From: |
Bruno Haible |
Subject: |
Re: new module 'pt_chown' |
Date: |
Wed, 24 Mar 2010 01:09:06 +0100 |
User-agent: |
KMail/1.9.9 |
Hi Simon,
> Did you intend for the 'grantpt' and 'pt_chown' modules (marked as LGPL)
> to depend on 'idpriv-drop' which is marked as GPL? I'm not sure what
> you meant above though, so I could be missing something, but I got these
> warnings:
>
> gnulib-tool: warning: module grantpt depends on a module with an incompatible
> license: idpriv-drop
> gnulib-tool: warning: module pt_chown depends on a module with an
> incompatible license: idpriv-drop
Oops, I did not see this. In fact, dropping the privileges is not needed here
(except if you consider strcmp and printf with literal strings "dangerous"
operations, which I don't).
2010-03-23 Bruno Haible <address@hidden>
pt_chown: Don't depend on GPLed modules.
* lib/pt_chown.c: Don't include idpriv.h.
(main): Don't drop privileges.
* modules/pt_chown (Depends-on): Remove idpriv-drop.
Reported by Simon Josefsson.
--- lib/pt_chown.c.orig Wed Mar 24 01:03:22 2010
+++ lib/pt_chown.c Wed Mar 24 01:02:19 2010
@@ -25,7 +25,6 @@
#include <sys/stat.h>
#include <unistd.h>
-#include "idpriv.h"
#include "pty-private.h"
/* For security reasons, we try to minimize the dependencies on libraries
@@ -83,9 +82,8 @@
return do_pt_chown ();
}
- /* We aren't going to be using privileges, so drop them right now. */
- if (idpriv_drop () < 0)
- return EXIT_FAILURE;
+ /* It would be possible to drop setuid/setgid privileges here. But it is not
+ really needed, since the code below only calls strcmp and [f]printf. */
{
int do_help = 0;
--- modules/pt_chown.orig Wed Mar 24 01:03:22 2010
+++ modules/pt_chown Wed Mar 24 01:03:00 2010
@@ -6,7 +6,6 @@
lib/pty-private.h
Depends-on:
-idpriv-drop
ptsname
configure.ac: