summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app-emulation/virtualbox-ose/ChangeLog18
-rw-r--r--app-emulation/virtualbox-ose/Manifest11
-rw-r--r--app-emulation/virtualbox-ose/files/virtualbox-ose-fix-insecure-lockfiles.patch94
-rw-r--r--app-emulation/virtualbox-ose/virtualbox-ose-1.6.6-r1.ebuild (renamed from app-emulation/virtualbox-ose/virtualbox-ose-1.6.6.ebuild)3
-rw-r--r--app-emulation/virtualbox-ose/virtualbox-ose-2.0.2-r1.ebuild (renamed from app-emulation/virtualbox-ose/virtualbox-ose-2.0.2.ebuild)3
-rw-r--r--app-emulation/virtualbox-ose/virtualbox-ose-2.0.4-r1.ebuild (renamed from app-emulation/virtualbox-ose/virtualbox-ose-2.0.4.ebuild)3
6 files changed, 122 insertions, 10 deletions
diff --git a/app-emulation/virtualbox-ose/ChangeLog b/app-emulation/virtualbox-ose/ChangeLog
index b2352e7..a0e4776 100644
--- a/app-emulation/virtualbox-ose/ChangeLog
+++ b/app-emulation/virtualbox-ose/ChangeLog
@@ -1,10 +1,18 @@
# ChangeLog for app-emulation/virtualbox-ose
# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/virtualbox-ose/ChangeLog,v 1.7 2008/10/27 17:19:20 jokey Exp $
-
- 04 Nov 2008; Alessio Cassibba (X-Drum) <swapon@gmail.com>
- virtualbox-ose-9999.ebuild:
- update the svn repo url (live ebuild), wrt bug #245462
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/virtualbox-ose/ChangeLog,v 1.8 2008/10/28 18:11:54 jokey Exp $
+
+ 10 Nov 2008; Alessio Cassibba (X-Drum) <swapon@gmail.com>
+ -virtualbox-ose-1.6.6.ebuild, +virtualbox-ose-1.6.6-r1.ebuild,
+ -virtualbox-ose-2.0.2.ebuild, +virtualbox-ose-2.0.2-r1.ebuild,
+ -virtualbox-ose-2.0.4.ebuild, +virtualbox-ose-2.0.4-r1.ebuild,
+ +files/virtualbox-ose-fix-insecure-lockfiles.patch:
+ fix insecure temp file usage (lockfiles) see bug #245958; update the svn
+ repo url (live ebuild), see bug #245462
+
+ 28 Oct 2008; Markus Ullmann <jokey@gentoo.org>
+ virtualbox-ose-1.6.6.ebuild:
+ Reinstate stable keyword for bug #244718
*virtualbox-ose-2.0.4 (27 Oct 2008)
diff --git a/app-emulation/virtualbox-ose/Manifest b/app-emulation/virtualbox-ose/Manifest
index c3ee9fb..1418e76 100644
--- a/app-emulation/virtualbox-ose/Manifest
+++ b/app-emulation/virtualbox-ose/Manifest
@@ -4,14 +4,15 @@ AUX virtualbox-ose-1.6.6-remove-unused.patch 3379 RMD160 d0a346f5ce9d236a5de2b05
AUX virtualbox-ose-2-config 42 RMD160 7102b584e67b964dfd3c06e06b29eb91d33d7604 SHA1 1fe2ac29550c4b3ab4a82399ece3d08c8851c207 SHA256 fb619bc28ba651135730601240e192f9d02b9bef9954eb8026a716865db01b4d
AUX virtualbox-ose-2-localconfig 1382 RMD160 1e484d1d7b3955ae425caa6d20ceba629b5f0150 SHA1 f1c7f076c2dfb8011708852391ae35cfe4d82994 SHA256 ebd65235b78f68f3c6f2b2185230f6271e077c04ad35a8c00b072fe563109fc6
AUX virtualbox-ose-2-wrapper 2752 RMD160 55a297e64a5e72aebb8a3d644de2dc400e4109e7 SHA1 92406df4ee4f648fbaa23db96e8833e3fb5f7d60 SHA256 a4cf6e712abe6927517af880e8014de7c8567389ce58cb499fe76c48901ec5c1
+AUX virtualbox-ose-fix-insecure-lockfiles.patch 2579 RMD160 4b460669369a4da395a335c4357346d932275916 SHA1 0a692a1b6de3e643ca8e60de6da8b9a7613cd352 SHA256 32f253b9c212a66181f7bdab9c6d509dbf5f3220849d0aeb47d840aa9465fcdf
AUX virtualbox-ose-interfaces 218 RMD160 4639b9848cf44ac59cd12585a3c56ef53d72a6d9 SHA1 3268e5759286bdff1c5242598266e6c2a5b17e5d SHA256 50ddbfedce3afd41aad45163eb799fce0956d815948ad9da842f09163aaafd52
AUX virtualbox-ose.desktop 202 RMD160 8b4b5c05743978d71edd4eaba71ae25f1d9d0d82 SHA1 3c10d2f12ea58ef35e785b8727a51fd3a0d66472 SHA256 9bbd26661317b106593d74b84cec3781b24c41bc40a2f98776e23d6b422ee4bb
DIST VirtualBox-1.6.6-OSE.tar.bz2 35483853 RMD160 4b17428371089806cf6f5e52d1905936f7beb01d SHA1 7c323b35d77277c650cbce2821ab6778d1e3270e SHA256 acb3c20ef751ed408489d7b5c2d5d441226055a6e83bfeb9258ce2d55baba4da
-DIST VirtualBox-2.0.2-OSE.tar.bz2 14188508 RMD160 ebcb3818b698c48eaa0c41fd76c2ded06349b53f SHA1 aeb18bcda8260860767afd6d53f71d78a750db92 SHA256 102f769bb80337443e7684a1b156bc4a977eca5dba9c73594b2501f73f3b15d9
+DIST VirtualBox-2.0.2-OSE.tar.bz2 37548591 RMD160 4156f2efe5245236f9890abcd0adb5ad5291f86f SHA1 cdc51cc4e5ff189cf9eff832179494009df1334a SHA256 0318c69eace3db0979f0aefd27aeb6c54d7c1aafcc6a156b076bc116a1d8805b
DIST VirtualBox-2.0.4-OSE.tar.bz2 37841781 RMD160 390a2b4d97a3ed6fdc885b89354884a07b3fc464 SHA1 f8e7c109546c033927bd41e78f259adb81cb1504 SHA256 5618fb09efafac3fc9c183a44aa3c1d8c44d1d7fa58bfb5a73c221f1dd8740fd
-EBUILD virtualbox-ose-1.6.6.ebuild 5864 RMD160 28fbb91c524bfdcb8b8d228a700d90a016eb9ce7 SHA1 8c09117197f6d57e45233765ac4fbc8103cbe57f SHA256 eab139bf995de090b5837518c276f1c12958a325c5be84ee91a9d3ac0016bd93
-EBUILD virtualbox-ose-2.0.2.ebuild 6858 RMD160 7f035a8752b940a79adeb899dc02119888f48085 SHA1 1324beeccad1f9f7dad14bd822692f4385ebc2be SHA256 f98429897ba02fde654ca8b74b76491e183173252efaf81fbb89b75f41776a1f
-EBUILD virtualbox-ose-2.0.4.ebuild 6858 RMD160 5d03fcc29b81007cd28a0027da34fcf60a78974a SHA1 68f2f645469fa105a97dd16576c7cc6124152114 SHA256 1e60ecea92bc79a74ff12286c497d8258a6f8d8786f05ed5284959a672eacdaa
+EBUILD virtualbox-ose-1.6.6-r1.ebuild 5971 RMD160 7aeb43be0db7fc94951fc4d3130df9f8a2e4da47 SHA1 64d2507d100fa4210d255206532145cedc7649b9 SHA256 97b3362ca3427f99cb744dcaa9ce2919785a06c62639bf23b222b6241b3f0380
+EBUILD virtualbox-ose-2.0.2-r1.ebuild 6965 RMD160 f9815529895762b646a661d8a4ee792650994a27 SHA1 442ca8e27a16b95ea9a387a71f9053b8800e1cb4 SHA256 cb06c7f798aaf9ad1c70934ef16f5a6e1ed8bca41a57220b39a2ffa2e720666b
+EBUILD virtualbox-ose-2.0.4-r1.ebuild 6965 RMD160 9128ad6aa8e89378bc18fab78b2a53c320ce75eb SHA1 1d98a8f17cf596abced8f81617466b3998b8235a SHA256 3327914b18576a9f8ff0961793271436cecf027227e97e05271b9d5f1074c330
EBUILD virtualbox-ose-9999.ebuild 5703 RMD160 57c81828b8dbe04601916d58eeb1d0dfa8fe4285 SHA1 f9a346da082f37f2e8b4bc4dd7f84318acd35660 SHA256 a3aa7bca5264c4c4a2e19bc9256d0c4a1c0ab9067ba3224f36ac25e45155a1f3
-MISC ChangeLog 14832 RMD160 108eba4130b1c471f908acb181307fc242efebd1 SHA1 d11ece3ebcda4829622b766120bf4b9f9f1cf990 SHA256 5023f613e92a55c862e5f06094b30871d5bf66c449d98cb0fbb32896e0bd2548
+MISC ChangeLog 15383 RMD160 3da41ddbd16edf259a68054f8502bb84cd5f4f40 SHA1 9485d5004d813576ce9a7953f822500f94544cc8 SHA256 d11eb8e73364a6fddd317049326556aa048eb1db16343252e7b44dd0bd5f1b44
MISC metadata.xml 532 RMD160 1fca6fac5f60adc258b878ecd959d2ca2adffafd SHA1 16730c1ea2b66f51e4eb6eaaa2bb570a9c56bb7d SHA256 578a25caafe911d389af1aeb097e4b732cdb48cdb33929af4ddbb1506ff09eeb
diff --git a/app-emulation/virtualbox-ose/files/virtualbox-ose-fix-insecure-lockfiles.patch b/app-emulation/virtualbox-ose/files/virtualbox-ose-fix-insecure-lockfiles.patch
new file mode 100644
index 0000000..0df6290
--- /dev/null
+++ b/app-emulation/virtualbox-ose/files/virtualbox-ose-fix-insecure-lockfiles.patch
@@ -0,0 +1,94 @@
+--- src/libs/xpcom18a4/ipc/ipcd/daemon/src/ipcdUnix.cpp.orig 2008-11-09 19:48:22.000000000 +0100
++++ src/libs/xpcom18a4/ipc/ipcd/daemon/src/ipcdUnix.cpp 2008-11-09 19:51:54.000000000 +0100
+@@ -93,7 +93,7 @@
+ EOk = 0,
+ ELockFileOpen = -1,
+ ELockFileLock = -2,
+-
++ ELockFileOwner = -3,
+ };
+
+ static int ipcLockFD = 0;
+@@ -112,16 +112,70 @@
+ lockFile[dirLen] = '/';
+ memcpy(lockFile + dirLen + 1, lockName, sizeof(lockName));
+
++#ifdef VBOX
++ //
++ // Security checks for the directory
++ //
++ struct stat st;
++ if (stat(baseDir, &st) == -1)
++ {
++ printf("Cannot stat '%s'.\n", baseDir);
++ return ELockFileOwner;
++ }
++
++ if (st.st_uid != getuid() && st.st_uid != geteuid())
++ {
++ printf("Wrong owner (%d) of '%s'.\n", st.st_uid, baseDir);
++ return ELockFileOwner;
++ }
++
++ if (st.st_mode != (S_IRUSR | S_IWUSR | S_IXUSR | S_IFDIR))
++ {
++ printf("Wrong mode (%o) of '%s'.\n", st.st_mode, baseDir);
++ return ELockFileOwner;
++ }
++#endif
++
+ //
+ // open lock file. it remains open until we shutdown.
+ //
+ ipcLockFD = open(lockFile, O_WRONLY|O_CREAT, S_IWUSR|S_IRUSR);
+
++#ifndef VBOX
+ free(lockFile);
++#endif
+
+ if (ipcLockFD == -1)
+ return ELockFileOpen;
+
++#ifdef VBOX
++ //
++ // Security checks for the lock file
++ //
++ if (fstat(ipcLockFD, &st) == -1)
++ {
++ printf("Cannot stat '%s'.\n", lockFile);
++ free(lockFile);
++ return ELockFileOwner;
++ }
++
++ if (st.st_uid != getuid() && st.st_uid != geteuid())
++ {
++ printf("Wrong owner (%d) of '%s'.\n", st.st_uid, lockFile);
++ free(lockFile);
++ return ELockFileOwner;
++ }
++
++ if (st.st_mode != (S_IRUSR | S_IWUSR | S_IFREG))
++ {
++ printf("Wrong mode (%o) of '%s'.\n", st.st_mode, lockFile);
++ free(lockFile);
++ return ELockFileOwner;
++ }
++
++ free(lockFile);
++#endif
++
+ //
+ // we use fcntl for locking. assumption: filesystem should be local.
+ // this API is nice because the lock will be automatically released
+@@ -433,8 +487,9 @@
+ // don't notify the parent to cause it to fail in PR_Read() after
+ // we terminate
+ #ifdef VBOX
+- printf("Cannot create a lock file for '%s'.\n"
+- "Check permissions.\n", addr.local.path);
++ if (status != ELockFileOwner)
++ printf("Cannot create a lock file for '%s'.\n"
++ "Check permissions.\n", addr.local.path);
+ #endif
+ return 0;
+ }
diff --git a/app-emulation/virtualbox-ose/virtualbox-ose-1.6.6.ebuild b/app-emulation/virtualbox-ose/virtualbox-ose-1.6.6-r1.ebuild
index 8aa2d71..faf653d 100644
--- a/app-emulation/virtualbox-ose/virtualbox-ose-1.6.6.ebuild
+++ b/app-emulation/virtualbox-ose/virtualbox-ose-1.6.6-r1.ebuild
@@ -85,6 +85,9 @@ src_unpack() {
# Don't build things unused or splitted into separate ebuilds (eg: additions)
epatch "${FILESDIR}/${P}-remove-unused.patch"
+
+ # Fix Insecure temp file usage, see bug #245958
+ epatch "${FILESDIR}/${PN}-fix-insecure-lockfiles.patch"
}
src_compile() {
diff --git a/app-emulation/virtualbox-ose/virtualbox-ose-2.0.2.ebuild b/app-emulation/virtualbox-ose/virtualbox-ose-2.0.2-r1.ebuild
index faa6b88..62f3432 100644
--- a/app-emulation/virtualbox-ose/virtualbox-ose-2.0.2.ebuild
+++ b/app-emulation/virtualbox-ose/virtualbox-ose-2.0.2-r1.ebuild
@@ -92,6 +92,9 @@ src_unpack() {
sed -i \
-e "s/MY_LIBDIR/${MY_LIBDIR}/" LocalConfig.kmk \
|| die "LocalConfig.kmk sed failed"
+
+ # Fix Insecure temp file usage, see bug #245958
+ epatch "${FILESDIR}/${PN}-fix-insecure-lockfiles.patch"
}
src_compile() {
diff --git a/app-emulation/virtualbox-ose/virtualbox-ose-2.0.4.ebuild b/app-emulation/virtualbox-ose/virtualbox-ose-2.0.4-r1.ebuild
index 51f330d..e357125 100644
--- a/app-emulation/virtualbox-ose/virtualbox-ose-2.0.4.ebuild
+++ b/app-emulation/virtualbox-ose/virtualbox-ose-2.0.4-r1.ebuild
@@ -92,6 +92,9 @@ src_unpack() {
sed -i \
-e "s/MY_LIBDIR/${MY_LIBDIR}/" LocalConfig.kmk \
|| die "LocalConfig.kmk sed failed"
+
+ # Fix Insecure temp file usage, see bug #245958
+ epatch "${FILESDIR}/${PN}-fix-insecure-lockfiles.patch"
}
src_compile() {