diff options
author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-11-15 04:03:33 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-11-15 04:03:33 +0000 |
commit | c403c0e645f8c291de70c231b1958bdd7e2f9634 (patch) | |
tree | 6c2bbb8819dce006874bda240b4634a577b30f06 | |
parent | b46e8c58baf3345993f01a5b46e67d64498f1bba (diff) |
Using #ifndef __OpenBSD__, disable the really dangerous and silly
setuid-preserving code in the so-called smart_rename() function. I
don't want my tools (ar, ranlib, objcopy, strip) going through the
effort to preserve setuid bits on ``build-directory'' files when they
sense a symbolic link, thank you very much. The modern way is to build
code, then set such modes at install-time.
Our kernel goes through the effort to clear setuid flags, and this was
neutering that attempt. Also has atrocious error handling.
(Identified as an issue of concern while doing the audit for pledge)
ok guenther
-rw-r--r-- | gnu/usr.bin/binutils-2.17/binutils/rename.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/gnu/usr.bin/binutils-2.17/binutils/rename.c b/gnu/usr.bin/binutils-2.17/binutils/rename.c index 7d21cb34c04..3667f30d025 100644 --- a/gnu/usr.bin/binutils-2.17/binutils/rename.c +++ b/gnu/usr.bin/binutils-2.17/binutils/rename.c @@ -177,6 +177,7 @@ smart_rename (const char *from, const char *to, int preserve_dates ATTRIBUTE_UNU ret = rename (from, to); if (ret == 0) { +#ifndef __OpenBSD__ if (exists) { /* Try to preserve the permission bits and ownership of @@ -195,6 +196,7 @@ smart_rename (const char *from, const char *to, int preserve_dates ATTRIBUTE_UNU if (chown (to, s.st_uid, s.st_gid) >= 0) chmod (to, s.st_mode & 07777); } +#endif /* !__OpenBSD__ */ } else { |