Re: Linux kernel hardening - link restrictions
"Adam D. Barratt" <adam@adam-barratt.org.uk> writes:
>> sounds like a reasonable plan to me, cc:ing debian-release to get a
>> comment on this, and cc:ing the at maintainer too.
>
> (Predictably enough) I'd like to see a debdiff before a final ack, but
> in principle it looks okay; thanks.
Attached below.
Regards,
Ansgar
diff -u at-3.1.12/debian/changelog at-3.1.12/debian/changelog
--- at-3.1.12/debian/changelog
+++ at-3.1.12/debian/changelog
@@ -1,3 +1,10 @@
+at (3.1.12-1+squeeze1) squeeze; urgency=low
+
+ * Create hardlink as priviledged user. (Closes: #597130)
+ Patch backported from at/3.1.13.
+
+ -- Ansgar Burchardt <ansgar@debian.org> Fri, 02 Mar 2012 18:36:16 +0100
+
at (3.1.12-1) unstable; urgency=low
* New upstream release:
only in patch2:
unchanged:
--- at-3.1.12.orig/atd.c
+++ at-3.1.12/atd.c
@@ -252,7 +252,10 @@
* somebody else has already locked it (a second atd?); log the
* fact and return.
*/
- if (link(filename, newname) == -1) {
+ PRIV_START
+ rc = link(filename, newname);
+ PRIV_END
+ if (rc == -1) {
if (errno == EEXIST) {
free(mailname);
free(newname);
Reply to: