commit: f4adfe80c1bad891df04ceb7b4804d04838ba8e4 Author: Mike Gilbert <floppym <AT> gentoo <DOT> org> AuthorDate: Mon Aug 4 19:02:56 2025 +0000 Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org> CommitDate: Mon Aug 4 19:04:42 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f4adfe80
sys-process/htop: avoid suid with USE="-filecaps" Closes: https://bugs.gentoo.org/961054 Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org> sys-process/htop/{htop-3.4.1-r1.ebuild => htop-3.4.1-r2.ebuild} | 3 ++- sys-process/htop/htop-9999.ebuild | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/sys-process/htop/htop-3.4.1-r1.ebuild b/sys-process/htop/htop-3.4.1-r2.ebuild similarity index 95% rename from sys-process/htop/htop-3.4.1-r1.ebuild rename to sys-process/htop/htop-3.4.1-r2.ebuild index 9a8cc7e85c25..acf81c3e6f56 100644 --- a/sys-process/htop/htop-3.4.1-r1.ebuild +++ b/sys-process/htop/htop-3.4.1-r2.ebuild @@ -96,7 +96,8 @@ pkg_postinst() { xdg_desktop_database_update xdg_icon_cache_update - fcaps cap_sys_ptrace usr/bin/${PN} + # Non-caps mode is blank to avoid suid with USE="-filecaps" (bug 961054) + fcaps -m '' cap_sys_ptrace usr/bin/htop optfeature "Viewing processes accessing certain files" sys-process/lsof } diff --git a/sys-process/htop/htop-9999.ebuild b/sys-process/htop/htop-9999.ebuild index 9a8cc7e85c25..acf81c3e6f56 100644 --- a/sys-process/htop/htop-9999.ebuild +++ b/sys-process/htop/htop-9999.ebuild @@ -96,7 +96,8 @@ pkg_postinst() { xdg_desktop_database_update xdg_icon_cache_update - fcaps cap_sys_ptrace usr/bin/${PN} + # Non-caps mode is blank to avoid suid with USE="-filecaps" (bug 961054) + fcaps -m '' cap_sys_ptrace usr/bin/htop optfeature "Viewing processes accessing certain files" sys-process/lsof }
