summaryrefslogtreecommitdiffstats
path: root/opensuse/core/tdelibs/allow-man-setgid.diff
diff options
context:
space:
mode:
Diffstat (limited to 'opensuse/core/tdelibs/allow-man-setgid.diff')
-rw-r--r--opensuse/core/tdelibs/allow-man-setgid.diff32
1 files changed, 32 insertions, 0 deletions
diff --git a/opensuse/core/tdelibs/allow-man-setgid.diff b/opensuse/core/tdelibs/allow-man-setgid.diff
new file mode 100644
index 000000000..51a47d720
--- /dev/null
+++ b/opensuse/core/tdelibs/allow-man-setgid.diff
@@ -0,0 +1,32 @@
+Index: kdecore/kapplication.cpp
+===================================================================
+--- kdecore/kapplication.cpp.orig
++++ kdecore/kapplication.cpp
+@@ -87,6 +87,8 @@
+ #include <sys/stat.h>
+ #endif
+ #include <sys/wait.h>
++#include <grp.h>
++#include <sys/types.h>
+
+ #ifndef Q_WS_WIN
+ #include "kwin.h"
+@@ -776,10 +778,15 @@ void KApplication::init(bool GUIenabled)
+ {
+ d->guiEnabled = GUIenabled;
+ if ((getuid() != geteuid()) ||
+- (getgid() != getegid()))
++ (getgid() != getegid()) )
+ {
+- fprintf(stderr, "The KDE libraries are not designed to run with suid privileges.\n");
+- ::exit(127);
++ // man permissions are not exploitable and better than
++ // world writable directories
++ struct group *man = getgrnam("man");
++ if ( !man || man->gr_gid != getegid() ){
++ fprintf(stderr, "The KDE libraries are not designed to run with suid privileges.\n");
++ ::exit(127);
++ }
+ }
+
+ KProcessController::ref();