Hello community, here is the log from the commit of package man for openSUSE:Factory checked in at 2015-06-09 08:48:17 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/man (Old) and /work/SRC/openSUSE:Factory/.man.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "man" Changes: -------- --- /work/SRC/openSUSE:Factory/man/man.changes 2015-06-01 09:25:12.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.man.new/man.changes 2015-06-09 08:48:18.000000000 +0200 @@ -1,0 +2,5 @@ +Mon Jun 8 08:31:52 UTC 2015 - wer...@suse.de + +- Allow root to use man command within its home + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ man.spec ++++++ --- /var/tmp/diff_new_pack.Ckem5a/_old 2015-06-09 08:48:19.000000000 +0200 +++ /var/tmp/diff_new_pack.Ckem5a/_new 2015-06-09 08:48:19.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package man # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed ++++++ wrapper.c ++++++ --- /var/tmp/diff_new_pack.Ckem5a/_old 2015-06-09 08:48:20.000000000 +0200 +++ /var/tmp/diff_new_pack.Ckem5a/_new 2015-06-09 08:48:20.000000000 +0200 @@ -69,7 +69,6 @@ { uid_t ruid, euid; gid_t rgid; - struct passwd *pwd; argc = argc; /* not used */ @@ -103,6 +102,9 @@ printf ("%s\n", wlp->run); #endif if (ruid == 0 || euid == 0) { + struct passwd *pwd; + char *cwd; + pwd = getpwnam (wlp->user); if (!pwd) { fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user); @@ -119,6 +121,10 @@ pwd->pw_gid = rgid; #endif } + if ((cwd = get_current_dir_name()) == NULL) { + fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user); + return -EACCES; + } if (setregid (rgid, pwd->pw_gid)) { fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user); return -EACCES; @@ -131,6 +137,11 @@ fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user); return -EACCES; } + if (access(cwd, X_OK) < 0 && chdir(pwd->pw_dir)) { + fprintf (stderr, _("%s: Failed su to user %s\n"), wlp->prog, wlp->user); + return -EACCES; + } + free(cwd); } execve (wlp->run, argv, envp); perror ("execve");