commit: 012351c00a0b366bbf052222306cf939e9471db1 Author: Zac Medico <zmedico <AT> gentoo <DOT> org> AuthorDate: Tue Dec 13 17:07:46 2016 +0000 Commit: Zac Medico <zmedico <AT> gentoo <DOT> org> CommitDate: Tue Dec 13 17:11:05 2016 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=012351c0
net-misc/peervpn: 0.044-r1 revbump for bug 602550 Fix the openrc init script start_post function to use the chown --no-dereference option in order to prevent privilege escalation attacks. X-Gentoo-bug: 602550 X-Gentoo-bug-url: https://bugs.gentoo.org/show_bug.cgi?id=602550 Package-Manager: portage-2.3.3 net-misc/peervpn/files/peervpn.initd | 4 +++- net-misc/peervpn/{peervpn-0.044.ebuild => peervpn-0.044-r1.ebuild} | 0 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/net-misc/peervpn/files/peervpn.initd b/net-misc/peervpn/files/peervpn.initd index 3174dc6..0f891b3 100644 --- a/net-misc/peervpn/files/peervpn.initd +++ b/net-misc/peervpn/files/peervpn.initd @@ -27,5 +27,7 @@ start_pre() { } start_post() { - chown "${user}":"${group}" "${logfile}" + # Use --no-dereference to prevent privilege escalation + # attacks. Fixes bug #602550. + chown --no-dereference "${user}":"${group}" "${logfile}" } diff --git a/net-misc/peervpn/peervpn-0.044.ebuild b/net-misc/peervpn/peervpn-0.044-r1.ebuild similarity index 100% rename from net-misc/peervpn/peervpn-0.044.ebuild rename to net-misc/peervpn/peervpn-0.044-r1.ebuild
