Diffstat (limited to 'debian/patches/drop-privs-after-opening-savefile.diff')
-rw-r--r-- | debian/patches/drop-privs-after-opening-savefile.diff | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/debian/patches/drop-privs-after-opening-savefile.diff b/debian/patches/drop-privs-after-opening-savefile.diff index a4c856a..664e980 100644 --- a/debian/patches/drop-privs-after-opening-savefile.diff +++ b/debian/patches/drop-privs-after-opening-savefile.diff @@ -9,7 +9,7 @@ Origin: https://src.fedoraproject.org/rpms/tcpdump/raw/master/f/0003-Drop-root-p --- a/tcpdump.1.in +++ b/tcpdump.1.in -@@ -269,6 +269,9 @@ +@@ -268,6 +268,9 @@ flag, with a number after it, starting at 1 and continuing upward. The units of \fIfile_size\fP are millions of bytes (1,000,000 bytes, not 1,048,576 bytes). @@ -19,7 +19,7 @@ Origin: https://src.fedoraproject.org/rpms/tcpdump/raw/master/f/0003-Drop-root-p .TP .B \-d Dump the compiled packet-matching code in a human readable form to -@@ -966,12 +969,14 @@ +@@ -965,12 +968,14 @@ If .I tcpdump is running as root, after opening the capture device or input savefile, @@ -38,7 +38,7 @@ Origin: https://src.fedoraproject.org/rpms/tcpdump/raw/master/f/0003-Drop-root-p selects which packets will be dumped. --- a/tcpdump.c +++ b/tcpdump.c -@@ -1510,6 +1510,7 @@ +@@ -1511,6 +1511,7 @@ cap_rights_t rights; int cansandbox; #endif /* HAVE_CAPSICUM */ @@ -46,7 +46,7 @@ Origin: https://src.fedoraproject.org/rpms/tcpdump/raw/master/f/0003-Drop-root-p int Oflag = 1; /* run filter code optimizer */ int yflag_dlt = -1; const char *yflag_dlt_name = NULL; -@@ -2338,6 +2339,19 @@ +@@ -2372,6 +2373,19 @@ } capng_apply(CAPNG_SELECT_BOTH); #endif /* HAVE_LIBCAP_NG */ @@ -66,13 +66,13 @@ Origin: https://src.fedoraproject.org/rpms/tcpdump/raw/master/f/0003-Drop-root-p if (username || chroot_dir) droproot(username, chroot_dir); -@@ -2395,6 +2409,22 @@ +@@ -2429,6 +2443,22 @@ #endif /* HAVE_LIBCAP_NG */ if (pdd == NULL) error("%s", pcap_geterr(pd)); + + /* Change ownership of file and drop root privileges */ -+ if (chown_flag) { ++ if (chown_flag && username) { + struct passwd *pwd; + + pwd = getpwnam(username); |
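Review bot: In the last hunk, the tcpdump.c block under `/* Change ownership of file and drop root privileges */`, the new guard `if (chown_flag && username)` makes the ownership change a silent no-op when `username` is NULL, so a savefile created while running as root presumably stays root-owned with no diagnostic. Keeping NULL away from `getpwnam()` is correct, but the comment above the guard should state the skipped case, e.g. `/* No user to drop to: skip the chown rather than pass NULL to getpwnam() */`, or that case should emit a warning so the operator knows the file was not handed over. The block continues past the end of the hunk, so it cannot be confirmed here whether the `getpwnam()` result is checked for NULL before its uid/gid are used.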