On Sat, Aug 27, 2005 at 01:11:42PM -0700, Russ Allbery wrote: > Russ Allbery <rra@stanford.edu> writes: > > I've given the package a thorough and much-needed cleaning, applied all > > the patches in the BTS that looked reasonable and that I could test, > > updated standards version, switched to a modern debhelper compatibility > > level, and cleaned up all the lintian warnings and PTS to-do items. > > Hopefully this will make it easier for any future maintainer to adopt > > the package. > > I'd much appreciate it if someone could sponsor the upload. You can get > > the source package from: > > deb-src http://archives.eyrie.org/debian unstable main > > or via the corresponding direct paths. > I've now corrected the PID file handling for non-root users as well, > fixing the attack pointed out by Steve Langasek. When tleds -k is run as > a non-root user, it now checks the file ownership via fstat before doing > anything and refuses to send a signal if the PID file was not owned by the > effective user ID of the tleds -k process. It also no longer closes and > reopens the PID file while checking to see if the kill was successful, > uses kill(pid, 0) to check if the process died rather than looking at the > existence of the PID file, and sleeps for only one second. > Tested on i386. New packages are in the location above. If someone could > sponsor the upload, I'd appreciate it (assuming everything looks good). Looks good to me -- uploaded. Thanks, Russ. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. vorlon@debian.org http://www.debian.org/
Attachment:
signature.asc
Description: Digital signature