On Wed, Jan 16, 2002 at 12:29:45AM -0500, Steven Huwig wrote:
> I was reading the QA guidelines at
> http://www.freebsd.org/releases/4.5R/qa.html, and I was wondering what
> the following statement (second bullet from bottom) means:
>
> * Once the man page change goes in (which I think it should) we'll want
> some basic testing of the man command.
>
> What is the "man page change?" And is it in?
This change was just committed to -CURRENT within the last 24 hours.
I posted a message to -qa about this earlier today. It will most
likely be approved for MFC shortly. Ruslan's commit message does a
good job of describing the change:
- Murray
ru 2002/01/15 06:11:05 PST

Modified files:
  gnu/usr.bin/man/man  Makefile man.c
  etc/mtree            BSD.local.dist BSD.usr.dist
                       BSD.x11-4.dist BSD.x11.dist
Log:
Do not install man(1) setuid ``man''.

The catpaging and setuidness features of man(1) combined make
it vulnerable to a number of security attacks. Specifically,
it was possible to overwrite system catpages with arbitrary
contents by either setting up a symlink to a directory holding
system catpages, or by writing custom -mdoc or -man groff(1)
macro packages and setting up GROFF_TMAC_PATH in environment
to point to them. (See PR below for details).

This means man(1) can no longer create system catpages on a
regular user's behalf. (It is still able to if the user has
write permissions to the directory holding catpages, e.g.,
user's own manpages, or if the running user is ``root''.)

To create and install catpages during ``make world'', please
set MANBUILDCAT=YES in /etc/make.conf. To rebuild catpages
on a weekly basis, please set weekly_catman_enable="YES" in
/etc/periodic.conf.

PR: bin/32791

Revision  Changes  Path
1.85      +3 -7    src/etc/mtree/BSD.local.dist
1.251     +4 -6    src/etc/mtree/BSD.usr.dist
1.19      +2 -4    src/etc/mtree/BSD.x11-4.dist
1.16      +2 -4    src/etc/mtree/BSD.x11.dist
1.33      +1 -4    src/gnu/usr.bin/man/man/Makefile
1.51      +2 -62   src/gnu/usr.bin/man/man/man.c
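
A post-upgrade check for the change described in the commit message above. This is an added example, not part of the original message or of the FreeBSD source. The function name audit_man, the ROOT prefix argument, and the list of catpage directories are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit a tree after the man(1) setuid removal.
# audit_man [ROOT] prints findings and returns how many there were.
# ROOT is a hypothetical prefix so a constructed tree can be checked;
# empty means the live system. The directory list is an assumption
# based on the mtree files the commit touches.
audit_man() {
    root=${1:-}
    findings=0

    # 1. The fix itself: man(1) must no longer be installed setuid.
    if [ -u "$root/usr/bin/man" ]; then
        echo "FAIL: $root/usr/bin/man still has the setuid bit"
        findings=$((findings + 1))
    fi

    # 2. man(1) can still write catpages wherever the invoking user has
    #    write permission, so a group- or world-writable system catpage
    #    directory keeps the overwrite problem alive.
    for d in "$root"/usr/share/man/cat* "$root"/usr/local/man/cat* \
             "$root"/usr/X11R6/man/cat*; do
        [ -d "$d" ] || continue
        if [ -n "$(find "$d" -prune \( -perm -0020 -o -perm -0002 \) -print)" ]; then
            echo "FAIL: $d is group- or world-writable"
            findings=$((findings + 1))
        fi
    done

    # 3. Informational: without setuid, system catpages are only built
    #    when one of the two knobs from the commit message is set.
    if ! grep -q '^MANBUILDCAT=YES' "$root/etc/make.conf" 2>/dev/null &&
       ! grep -q '^weekly_catman_enable="YES"' "$root/etc/periodic.conf" 2>/dev/null; then
        echo "NOTE: neither MANBUILDCAT nor weekly_catman_enable is set;" \
             "system catpages will not be built"
    fi
    return "$findings"
}
# Usage: audit_man            (live system)
#        audit_man /mnt/test  (tree under a prefix)
```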