mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-12-29 14:57:28 +03:00
ligcgroup: fix CVE-2018-14348
When using cgrulesengd it would create a logfile at /var/log/cgred with the permission wide open (0666).
This commit is contained in:
parent
945c6b9981
commit
9843fdc532
@ -1,4 +1,4 @@
|
||||
{ stdenv, fetchurl, pam, yacc, flex }:
|
||||
{ stdenv, fetchurl, fetchpatch, pam, yacc, flex }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "libcgroup-${version}";
|
||||
@ -11,6 +11,13 @@ stdenv.mkDerivation rec {
|
||||
|
||||
buildInputs = [ pam yacc flex ];
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
url = "https://gitweb.gentoo.org/repo/gentoo.git/plain/dev-libs/libcgroup/files/libcgroup-0.41-remove-umask.patch?id=33e9f4c81de754bbf76b893ea1133ed023f2a0e5";
|
||||
sha256 = "1x0x29ld0cgmfwq4qy13s6d5c8sym1frfh1j2q47d8gfw6qaxka5";
|
||||
})
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
substituteInPlace src/tools/Makefile.in \
|
||||
--replace 'chmod u+s' 'chmod +x'
|
||||
|
Loading…
Reference in New Issue
Block a user