author | Doug Barton <dougb@FreeBSD.org> | 2001-09-25 07:08:47 +0000 |
---|---|---|
committer | Doug Barton <dougb@FreeBSD.org> | 2001-09-25 07:08:47 +0000 |
commit | b2b3b4bb73ac7836c6d327bb8139989380e9c9cb (patch) | |
tree | 5b8091ab7f40ede87d5a9deca69b2b0396369341 /textproc/htdig | |
parent | 31b84c6823b843339cba1f024d10d95908aa9a40 (diff) | |
download | ports-b2b3b4bb73ac7836c6d327bb8139989380e9c9cb.tar.gz ports-b2b3b4bb73ac7836c6d327bb8139989380e9c9cb.zip |
This patch comes from the ht://Dig maintainers, and fixes a possible
security vulnerability. Quoting from their e-mail announcement:
There is a security vulnerability in all versions of
htsearch between 3.1.0b2 and 3.1.5 . . . The hole can
allow a remote user to pick a file on your system for
the config file that the UID running the webserver
can read.
With a default ports install the httpd user should be nobody, which
makes the vulnerability small.
Notes:
svn path=/head/; revision=48179
Diffstat (limited to 'textproc/htdig')
-rw-r--r-- | textproc/htdig/files/patch-htsearch_cc | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/textproc/htdig/files/patch-htsearch_cc b/textproc/htdig/files/patch-htsearch_cc new file mode 100644 index 000000000000..5a92dba57454 --- /dev/null +++ b/textproc/htdig/files/patch-htsearch_cc @@ -0,0 +1,24 @@ +--- htsearch/htsearch.cc.Dist Thu Feb 24 18:29:11 2000 ++++ htsearch/htsearch.cc Mon Sep 24 23:57:28 2001 +@@ -77,9 +77,18 @@ + switch (c) + { + case 'c': +- configFile = optarg; +- override_config=1; +- break; ++ // The default is obviously to do this securely ++ // but if people want to shoot themselves in the foot... ++#ifndef ALLOW_INSECURE_CGI_CONFIG ++ if (!getenv("REQUEST_METHOD")) ++ { ++#endif ++ configFile = optarg; ++ override_config=1; ++#ifndef ALLOW_INSECURE_CGI_CONFIG ++ } ++#endif ++ break; + case 'v': + debug++; + break; |
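Review bot: the `case 'c':` branch now silently discards `-c optarg` whenever `REQUEST_METHOD` is set in the environment, with no diagnostic, so an administrator who invokes htsearch from a wrapper or cron job that happens to inherit `REQUEST_METHOD` will get the default config without any indication that the override was dropped; consider emitting a warning to stderr (or exiting non-zero) in the ignored case, e.g. an `else` after the `if (!getenv("REQUEST_METHOD"))` block, so the fallback is visible in the web server's error log. Two smaller points on the same hunk: `ALLOW_INSECURE_CGI_CONFIG` is a new compile-time opt-out that is neither mentioned in the commit message nor wired to a port option, so it should be documented (or the `#ifndef` guards dropped, since the port never defines it); and the gate keys off the presence of `REQUEST_METHOD` rather than a positive "not a CGI" signal, which is the correct default but worth a one-line comment stating that any CGI invocation is treated as untrusted for the purposes of `-c`.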