at/at-3.1.10-perm.patch

--- at-3.1.10/at.c.perm	2006-11-14 12:26:27.000000000 +0100
+++ at-3.1.10/at.c	2006-11-14 12:28:15.000000000 +0100
@@ -144,17 +144,12 @@
  */
     if (fcreated) {
 	/*
-        PRIV_START
-
         We need the unprivileged uid here since the file is owned by the real
         (not effective) uid.
         */
         setregid(real_gid, effective_gid);
 	    unlink(atfile);
         setregid(effective_gid, real_gid);
-        /*
-	PRIV_END
-        */
     }
     exit(EXIT_FAILURE);
 }
@@ -314,18 +309,18 @@
 	 * bit.  Yes, this is a kluge.
 	 */
 	cmask = umask(S_IRUSR | S_IWUSR | S_IXUSR);
-        seteuid(real_uid);
+        seteuid(effective_uid);
 	if ((fd = open(atfile, O_CREAT | O_EXCL | O_TRUNC | O_WRONLY, S_IRUSR)) == -1)
 	    perr("Cannot create atjob file %.500s", atfile);
-        seteuid(effective_uid);
+        //seteuid(effective_uid);
 
 	if ((fd2 = dup(fd)) < 0)
 	    perr("Error in dup() of job file");
 
-        /*
+        
 	if (fchown(fd2, real_uid, real_gid) != 0)
 	    perr("Cannot give away file");
-        */
+        
 
     PRIV_END
 
@@ -656,6 +651,7 @@
                     We need the unprivileged uid here since the file is owned by the real
                     (not effective) uid.
                     */
+//			PRIV_START
                     setregid(real_gid, effective_gid);
 
 		    if (queue == '=') {
@@ -668,17 +664,17 @@
 
                     setregid(effective_gid, real_gid);
 		    done = 1;
-
+//			PRIV_END
 		    break;
 
 		case CAT:
 		    {
 			FILE *fp;
 			int ch;
-
+	//		PRIV_START
 			setregid(real_gid, effective_gid);
 			fp = fopen(dirent->d_name, "r");
-
+	//		PRIV_END
 			if (fp) {
 			    while ((ch = getc(fp)) != EOF) {
 				putchar(ch);
--- at-3.1.10/Makefile.in.perm	2006-11-14 12:26:27.000000000 +0100
+++ at-3.1.10/Makefile.in	2006-11-14 12:26:27.000000000 +0100
@@ -97,7 +97,7 @@
 	$(INSTALL) -m 755 -d $(IROOT)$(atdocdir)
 	$(INSTALL) -m 755 -d $(IROOT)$(ATJOB_DIR)
 	$(INSTALL) -m 755 -d $(IROOT)$(etcdir)/pam.d 
-	$(INSTALL) -g $(DAEMON_GROUPNAME) -o $(DAEMON_USERNAME) -m 755 -d $(IROOT) $(ATSPOOL_DIR)
+	$(INSTALL) -g $(DAEMON_GROUPNAME) -o $(DAEMON_USERNAME) -m 755 -d $(IROOT)$(ATSPOOL_DIR)
 	chmod 700 $(IROOT)$(ATSPOOL_DIR) $(IROOT)$(ATJOB_DIR)
 	touch $(IROOT)$(LFILE)
 	chmod 600 $(IROOT)$(LFILE)
automatic update by autodist [release 3.1.14-1mamba;Thu Oct 10 2013] 2024-01-05 20:36:28 +01:00			`--- at-3.1.10/at.c.perm 2006-11-14 12:26:27.000000000 +0100`
			`+++ at-3.1.10/at.c 2006-11-14 12:28:15.000000000 +0100`
			`@@ -144,17 +144,12 @@`
			`*/`
			`if (fcreated) {`
			`/*`
			`- PRIV_START`
			`-`
			`We need the unprivileged uid here since the file is owned by the real`
			`(not effective) uid.`
			`*/`
			`setregid(real_gid, effective_gid);`
			`unlink(atfile);`
			`setregid(effective_gid, real_gid);`
			`- /*`
			`- PRIV_END`
			`- */`
			`}`
			`exit(EXIT_FAILURE);`
			`}`
			`@@ -314,18 +309,18 @@`
			`* bit. Yes, this is a kluge.`
			`*/`
			`cmask = umask(S_IRUSR \| S_IWUSR \| S_IXUSR);`
			`- seteuid(real_uid);`
			`+ seteuid(effective_uid);`
			`if ((fd = open(atfile, O_CREAT \| O_EXCL \| O_TRUNC \| O_WRONLY, S_IRUSR)) == -1)`
			`perr("Cannot create atjob file %.500s", atfile);`
			`- seteuid(effective_uid);`
			`+ //seteuid(effective_uid);`

			`if ((fd2 = dup(fd)) < 0)`
			`perr("Error in dup() of job file");`

			`- /*`
			`+`
			`if (fchown(fd2, real_uid, real_gid) != 0)`
			`perr("Cannot give away file");`
			`- */`
			`+`

			`PRIV_END`

			`@@ -656,6 +651,7 @@`
			`We need the unprivileged uid here since the file is owned by the real`
			`(not effective) uid.`
			`*/`
			`+// PRIV_START`
			`setregid(real_gid, effective_gid);`

			`if (queue == '=') {`
			`@@ -668,17 +664,17 @@`

			`setregid(effective_gid, real_gid);`
			`done = 1;`
			`-`
			`+// PRIV_END`
			`break;`

			`case CAT:`
			`{`
			`FILE *fp;`
			`int ch;`
			`-`
			`+ // PRIV_START`
			`setregid(real_gid, effective_gid);`
			`fp = fopen(dirent->d_name, "r");`
			`-`
			`+ // PRIV_END`
			`if (fp) {`
			`while ((ch = getc(fp)) != EOF) {`
			`putchar(ch);`
			`--- at-3.1.10/Makefile.in.perm 2006-11-14 12:26:27.000000000 +0100`
			`+++ at-3.1.10/Makefile.in 2006-11-14 12:26:27.000000000 +0100`
			`@@ -97,7 +97,7 @@`
			`$(INSTALL) -m 755 -d $(IROOT)$(atdocdir)`
			`$(INSTALL) -m 755 -d $(IROOT)$(ATJOB_DIR)`
			`$(INSTALL) -m 755 -d $(IROOT)$(etcdir)/pam.d`
			`- $(INSTALL) -g $(DAEMON_GROUPNAME) -o $(DAEMON_USERNAME) -m 755 -d $(IROOT) $(ATSPOOL_DIR)`
			`+ $(INSTALL) -g $(DAEMON_GROUPNAME) -o $(DAEMON_USERNAME) -m 755 -d $(IROOT)$(ATSPOOL_DIR)`
			`chmod 700 $(IROOT)$(ATSPOOL_DIR) $(IROOT)$(ATJOB_DIR)`
			`touch $(IROOT)$(LFILE)`
			`chmod 600 $(IROOT)$(LFILE)`