fix http://vuxml.freebsd.org/92268205-1947-11d9-bc4a-000c41e2cdad.html

Reported by: nectar Approved by: portmgr (krion) Obtained from: https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/lib/common.c#rev1.104
author: Hajimu UMEMOTO <ume@FreeBSD.org> 2004-10-08 18:09:16 +0000
committer: Hajimu UMEMOTO <ume@FreeBSD.org> 2004-10-08 18:09:16 +0000
commit: adeb789b91635cbd3aba5503feebf5964d064cbd (patch)
tree: ce5a92d30e23999415ee31f146eb132460dcd7d0 /security/cyrus-sasl2/files
parent: 5fc8e499519c3a67ec4589a2c88bac68ec23afcd (diff)
download: ports-adeb789b91635cbd3aba5503feebf5964d064cbd.tar.gz
ports-adeb789b91635cbd3aba5503feebf5964d064cbd.zip
1 files changed, 16 insertions, 0 deletions
diff --git a/security/cyrus-sasl2/files/patch-lib::common.c b/security/cyrus-sasl2/files/patch-lib::common.c
new file mode 100644
index 000000000000..76b66e7b5e86
--- /dev/null
+++ b/security/cyrus-sasl2/files/patch-lib::common.c
@@ -0,0 +1,16 @@
+Index: lib/common.c
+diff -u -p lib/common.c.orig lib/common.c
+--- lib/common.c.orig	Wed Jul  7 01:03:05 2004
++++ lib/common.c	Sat Oct  9 02:03:02 2004
+@@ -1838,7 +1838,10 @@ _sasl_getpath(void *context __attribute_
+   if (! path)
+     return SASL_BADPARAM;
+ 
+-  *path = getenv(SASL_PATH_ENV_VAR);
++  /* Honor external variable only in a safe environment */
++  if (getuid() == geteuid() && getgid() == getegid())
++    *path = getenv(SASL_PATH_ENV_VAR);
++
+   if (! *path)
+     *path = PLUGINDIR;
+
author	Hajimu UMEMOTO <ume@FreeBSD.org>	2004-10-08 18:09:16 +0000
committer	Hajimu UMEMOTO <ume@FreeBSD.org>	2004-10-08 18:09:16 +0000
commit	adeb789b91635cbd3aba5503feebf5964d064cbd (patch)
tree	ce5a92d30e23999415ee31f146eb132460dcd7d0 /security/cyrus-sasl2/files
parent	5fc8e499519c3a67ec4589a2c88bac68ec23afcd (diff)
download	ports-adeb789b91635cbd3aba5503feebf5964d064cbd.tar.gz ports-adeb789b91635cbd3aba5503feebf5964d064cbd.zip