|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Patch for esound-0.2.19
From: Alon Oz (alon
LINUXQA.COM)Date: Mon Sep 11 2000 - 06:12:59 CDT
- Next message: Yarrow Charnot: "Re: machine independent protection from stack-smashing attack"
- Previous message: Lionel Cons: "A new approach to the glibc bugs"
- Next in thread: Kris Kennaway: "Re: Patch for esound-0.2.19"
- Reply: Kris Kennaway: "Re: Patch for esound-0.2.19"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Here's a patch that fixes the vulnerability in the esound package
(0.2.19 and prior):
------- CUT HERE ------------------------
*** esd.c Mon Sep 11 13:48:10 2000
--- esd.c.noperms Mon Sep 11 13:48:41 2000
***************
*** 218,230 ****
if (access(ESD_UNIX_SOCKET_DIR, R_OK | W_OK) == -1)
{
mkdir(ESD_UNIX_SOCKET_DIR,
! S_IRUSR|S_IWUSR|S_IXUSR|
! S_IRGRP|S_IWGRP|S_IXGRP|
! S_IROTH|S_IWOTH|S_IXOTH);
chmod(ESD_UNIX_SOCKET_DIR,
! S_IRUSR|S_IWUSR|S_IXUSR|
! S_IRGRP|S_IWGRP|S_IXGRP|
! S_IROTH|S_IWOTH|S_IXOTH);
}
if (access(ESD_UNIX_SOCKET_NAME, R_OK | W_OK) == -1)
{
--- 218,226 ----
if (access(ESD_UNIX_SOCKET_DIR, R_OK | W_OK) == -1)
{
mkdir(ESD_UNIX_SOCKET_DIR,
! S_IRUSR|S_IWUSR|S_IXUSR);
chmod(ESD_UNIX_SOCKET_DIR,
! S_IRUSR|S_IWUSR|S_IXUSR);
}
if (access(ESD_UNIX_SOCKET_NAME, R_OK | W_OK) == -1)
{
------ CUT HERE ------------------
-- Alon Oz, Aduva Research Team, Mailto: alonTrust in Allah, but tie your camel. -- Arabian proverb
- Next message: Yarrow Charnot: "Re: machine independent protection from stack-smashing attack"
- Previous message: Lionel Cons: "A new approach to the glibc bugs"
- Next in thread: Kris Kennaway: "Re: Patch for esound-0.2.19"
- Reply: Kris Kennaway: "Re: Patch for esound-0.2.19"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]