diff options
Diffstat (limited to 'opensuse/core/tdelibs/allow-man-setgid.diff')
-rw-r--r-- | opensuse/core/tdelibs/allow-man-setgid.diff | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/opensuse/core/tdelibs/allow-man-setgid.diff b/opensuse/core/tdelibs/allow-man-setgid.diff new file mode 100644 index 000000000..51a47d720 --- /dev/null +++ b/opensuse/core/tdelibs/allow-man-setgid.diff @@ -0,0 +1,32 @@ +Index: kdecore/kapplication.cpp +=================================================================== +--- kdecore/kapplication.cpp.orig ++++ kdecore/kapplication.cpp +@@ -87,6 +87,8 @@ + #include <sys/stat.h> + #endif + #include <sys/wait.h> ++#include <grp.h> ++#include <sys/types.h> + + #ifndef Q_WS_WIN + #include "kwin.h" +@@ -776,10 +778,15 @@ void KApplication::init(bool GUIenabled) + { + d->guiEnabled = GUIenabled; + if ((getuid() != geteuid()) || +- (getgid() != getegid())) ++ (getgid() != getegid()) ) + { +- fprintf(stderr, "The KDE libraries are not designed to run with suid privileges.\n"); +- ::exit(127); ++ // man permissions are not exploitable and better than ++ // world writable directories ++ struct group *man = getgrnam("man"); ++ if ( !man || man->gr_gid != getegid() ){ ++ fprintf(stderr, "The KDE libraries are not designed to run with suid privileges.\n"); ++ ::exit(127); ++ } + } + + KProcessController::ref(); |