On Fri, Mar 09, 2012 at 09:02:16PM +0100, Stevie Trujillo wrote:
> Package: acpid
> Version: 1:2.0.7-1squeeze3
> Severity: normal
>
> >From the Debian patch:
> --- acpid-2.0.7.orig/sock.c
> +++ acpid-2.0.7/sock.c
> @@ -73,7 +73,7 @@
> if (creds.uid != 0) {
> non_root_clients++;
> }
> - fcntl(cli_fd, F_SETFD, FD_CLOEXEC);
> + fcntl(cli_fd, F_SETFD, O_NONBLOCK);
> snprintf(buf, sizeof(buf)-1, "%d[%d:%d]",
> creds.pid, creds.uid, creds.gid);
> acpid_add_client(cli_fd, buf);
> }
>
>
> I don't think this works as expected:
> ...
I agree, something has got lost along the way. Upstream's fixed version does a
fcntl(cli_fd, F_SETFD, FD_CLOEXEC) followd by a fcntl(cli_fd, F_SETFL,
O_NONBLOCK).
I guess this is what our squeeze version should do to.
Question to secur...@debian.org, how do we handle this? Update as security
update?
Michael
--
Michael Meskes
Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org)
Michael at BorussiaFan dot De, Meskes at (Debian|Postgresql) dot Org
Jabber: michael.meskes at googlemail dot com
VfL Borussia! Força Barça! Go SF 49ers! Use Debian GNU/Linux, PostgreSQL
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
