nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-02 07:31:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

rtkit: *security* Pass uid of caller to polkit

Browse Source 
Otherwise, we force polkit to look up the uid itself in /proc, which is racy if
they execve() a setuid binary.
This commit is contained in:
Jörg Thalheim 2016-10-05 18:07:12 +02:00
parent 92d2416280
commit c684eb756a
No known key found for this signature in database
GPG Key ID: CA4106B8D7CC79FA
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
pkgs/os-specific/linux/rtkit/default.nix
View File

@ -13,10 +13,17 @@ stdenv.mkDerivation rec {
];
patches = [
# Drop removed ControlGroup stanza
(fetchpatch {
url = "https://anonscm.debian.org/cgit/pkg-multimedia/rtkit.git/plain/debian/patches/0002-Drop-Removed-ControlGroup-stanza.patch?id=21f2c6be6985c777cbf113c67043353406744050";
url = "http://git.0pointer.net/rtkit.git/patch/?id=6c28e20c0be2f616a025059fda0ffac84e7f4f17";
sha256 = "0lsxk5nv08i1wjb4xh20i5fcwg3x0qq0k4f8bc0r9cczph2sv7ck";
})
# security patch: Pass uid of caller to polkit
(fetchpatch {
url = "http://git.0pointer.net/rtkit.git/patch/?id=88d4082ef6caf6b071d749dca1c50e7edde914cc";
sha256 = "0hp1blbi359qz8fmr6nj4w9yc0jf3dd176f8pn25wdj38n13qkix";
})
];
buildInputs = [ pkgconfig dbus libcap ];