update pcsc-lite directory permissions. bug 503211.

2009-06-17 17:59:34 +00:00 · 2009-06-17 17:59:34 +00:00 · 5eb8343b60
parent 15da5482f9
commit 5eb8343b60
2 changed files with 55 additions and 1 deletions
--- a/pcsc-lite-1.5-permissions.patch
+++ b/pcsc-lite-1.5-permissions.patch
@ -0,0 +1,49 @@
+diff -up ./src/pcscdaemon.c.permissions ./src/pcscdaemon.c
+--- ./src/pcscdaemon.c.permissions	2009-02-06 00:46:20.000000000 -0800
+++ ./src/pcscdaemon.c	2009-06-17 10:06:49.419656000 -0700
+@@ -438,7 +438,8 @@ int main(int argc, char **argv)
+ 	rv = SYS_Stat(PCSCLITE_EVENTS_DIR, &fStatBuf);
+ 	if (rv < 0)
+ 	{
+-		int mode = S_IRWXU | S_IWGRP | S_IXGRP | S_IWOTH | S_IXOTH; /* 0755 */
+ 		/* 1733 : world writable + sticky bit */
+ 		int mode = S_IRWXU | S_IWGRP | S_IXGRP | S_IWOTH | S_IXOTH | S_ISVTX;
+ 
+ 		rv = SYS_Mkdir(PCSCLITE_EVENTS_DIR, mode);
+ 		if (rv != 0)
+diff -up ./src/winscard_clnt.c.permissions ./src/winscard_clnt.c
+--- ./src/winscard_clnt.c.permissions	2009-02-06 00:46:20.000000000 -0800
+++ ./src/winscard_clnt.c	2009-06-17 10:07:32.392742000 -0700
+@@ -1717,7 +1717,7 @@ static long WaitForPcscdEvent(SCARDCONTE
+ {
+ 	char filename[FILENAME_MAX];
+ 	char buf[1];
+-	int fd;
+	int fd, r;
+ 	struct timeval tv, *ptv = NULL;
+ 	struct timeval before, after;
+ 	fd_set read_fd;
+@@ -1734,7 +1734,14 @@ static long WaitForPcscdEvent(SCARDCONTE
+ 
+ 	(void)snprintf(filename, sizeof(filename), "%s/event.%d.%ld",
+ 		PCSCLITE_EVENTS_DIR, SYS_GetPID(), hContext);
+-	(void)mkfifo(filename, 0644);
+	r = mkfifo(filename, 0644);
+ 	if (-1 == r)
+ 	{
+ 		Log2(PCSC_LOG_CRITICAL, "Can't create event fifo: %s", strerror(errno));
+ 		goto exit;
+ 	}
+ 
+
+ 	fd = SYS_OpenFile(filename, O_RDONLY | O_NONBLOCK, 0);
+ 
+ 	FD_ZERO(&read_fd);
+@@ -1755,6 +1762,7 @@ static long WaitForPcscdEvent(SCARDCONTE
+ 		dwTime -= diff/1000;
+ 	}
+ 
+exit:
+ 	return dwTime;
+ }
+ 
--- a/pcsc-lite.spec
+++ b/pcsc-lite.spec
@ -1,6 +1,6 @@
 Name:           pcsc-lite
 Version:        1.5.2
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        PC/SC Lite smart card framework and applications
 %define upstream_build 2795

@ -11,6 +11,7 @@ Source0:        http://alioth.debian.org/download.php/%{upstream_build}/%{name}-
 Patch0:         %{name}-1.4-docinst.patch
 Patch1:         %{name}-1.4.100-rpath64.patch
 Patch2:         %{name}-close_on_exec.patch
+Patch3:         %{name}-1.5-permissions.patch

 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

@ -64,6 +65,7 @@ Group:          Documentation
 %patch0 -p0 -b .docinst
 %patch1 -p1 -b .rpath64
 %patch2 -p1 -b .close_on_exec
+%patch3 -p0 -b .permissions

 %build
 %configure \
@ -150,6 +152,9 @@ fi


 %changelog
+* Wed Jun 17 2009 Bob Relyea <rrelyea@redhat.com> - 1.5.2-2
+- Pick up security fixes from upstream
+
 * Fri Feb 27 2009 Bob Relyea <rrelyea@redhat.com> - 1.5.2-1
 - Pick up 1.5.2
 - Add FD_CLOEXEC flag