python, python2: disable setuid in servers (#6548)
This commit is contained in:
parent
8d447cb1b4
commit
f775bdb9c1
|
@ -4,6 +4,7 @@ TERMUX_PKG_LICENSE="PythonPL"
|
||||||
TERMUX_PKG_MAINTAINER="@termux"
|
TERMUX_PKG_MAINTAINER="@termux"
|
||||||
_MAJOR_VERSION=3.9
|
_MAJOR_VERSION=3.9
|
||||||
TERMUX_PKG_VERSION=${_MAJOR_VERSION}.2
|
TERMUX_PKG_VERSION=${_MAJOR_VERSION}.2
|
||||||
|
TERMUX_PKG_REVISION=1
|
||||||
TERMUX_PKG_SRCURL=https://www.python.org/ftp/python/${TERMUX_PKG_VERSION}/Python-${TERMUX_PKG_VERSION}.tar.xz
|
TERMUX_PKG_SRCURL=https://www.python.org/ftp/python/${TERMUX_PKG_VERSION}/Python-${TERMUX_PKG_VERSION}.tar.xz
|
||||||
TERMUX_PKG_SHA256=3c2034c54f811448f516668dce09d24008a0716c3a794dd8639b5388cbde247d
|
TERMUX_PKG_SHA256=3c2034c54f811448f516668dce09d24008a0716c3a794dd8639b5388cbde247d
|
||||||
TERMUX_PKG_DEPENDS="gdbm, libandroid-support, libbz2, libcrypt, libffi, liblzma, libsqlite, ncurses, ncurses-ui-libs, openssl, readline, zlib"
|
TERMUX_PKG_DEPENDS="gdbm, libandroid-support, libbz2, libcrypt, libffi, liblzma, libsqlite, ncurses, ncurses-ui-libs, openssl, readline, zlib"
|
||||||
|
|
|
@ -0,0 +1,36 @@
|
||||||
|
diff -uNr Python-3.9.2/Lib/http/server.py Python-3.9.2.mod/Lib/http/server.py
|
||||||
|
--- Python-3.9.2/Lib/http/server.py 2021-02-19 14:31:44.000000000 +0200
|
||||||
|
+++ Python-3.9.2.mod/Lib/http/server.py 2021-03-20 16:08:34.173543081 +0200
|
||||||
|
@@ -1165,10 +1165,6 @@
|
||||||
|
return
|
||||||
|
# Child
|
||||||
|
try:
|
||||||
|
- try:
|
||||||
|
- os.setuid(nobody)
|
||||||
|
- except OSError:
|
||||||
|
- pass
|
||||||
|
os.dup2(self.rfile.fileno(), 0)
|
||||||
|
os.dup2(self.wfile.fileno(), 1)
|
||||||
|
os.execve(scriptfile, args, env)
|
||||||
|
diff -uNr Python-3.9.2/Lib/smtpd.py Python-3.9.2.mod/Lib/smtpd.py
|
||||||
|
--- Python-3.9.2/Lib/smtpd.py 2021-02-19 14:31:44.000000000 +0200
|
||||||
|
+++ Python-3.9.2.mod/Lib/smtpd.py 2021-03-20 16:11:48.785629393 +0200
|
||||||
|
@@ -9,7 +9,8 @@
|
||||||
|
-n
|
||||||
|
This program generally tries to setuid `nobody', unless this flag is
|
||||||
|
set. The setuid call will fail if this program is not run as root (in
|
||||||
|
- which case, use this flag).
|
||||||
|
+ which case, use this flag). Ignored in Termux as no setuid done on this
|
||||||
|
+ platform.
|
||||||
|
|
||||||
|
--version
|
||||||
|
-V
|
||||||
|
@@ -863,7 +864,7 @@
|
||||||
|
|
||||||
|
|
||||||
|
class Options:
|
||||||
|
- setuid = True
|
||||||
|
+ setuid = False
|
||||||
|
classname = 'PureProxy'
|
||||||
|
size_limit = None
|
||||||
|
enable_SMTPUTF8 = False
|
|
@ -4,7 +4,7 @@ TERMUX_PKG_LICENSE="PythonPL"
|
||||||
TERMUX_PKG_MAINTAINER="@termux"
|
TERMUX_PKG_MAINTAINER="@termux"
|
||||||
_MAJOR_VERSION=2.7
|
_MAJOR_VERSION=2.7
|
||||||
TERMUX_PKG_VERSION=${_MAJOR_VERSION}.18
|
TERMUX_PKG_VERSION=${_MAJOR_VERSION}.18
|
||||||
TERMUX_PKG_REVISION=4
|
TERMUX_PKG_REVISION=5
|
||||||
TERMUX_PKG_SRCURL=https://www.python.org/ftp/python/${TERMUX_PKG_VERSION}/Python-${TERMUX_PKG_VERSION}.tar.xz
|
TERMUX_PKG_SRCURL=https://www.python.org/ftp/python/${TERMUX_PKG_VERSION}/Python-${TERMUX_PKG_VERSION}.tar.xz
|
||||||
TERMUX_PKG_SHA256=b62c0e7937551d0cc02b8fd5cb0f544f9405bafc9a54d3808ed4594812edef43
|
TERMUX_PKG_SHA256=b62c0e7937551d0cc02b8fd5cb0f544f9405bafc9a54d3808ed4594812edef43
|
||||||
TERMUX_PKG_DEPENDS="libandroid-support, ncurses, readline, libffi, openssl, libbz2, libsqlite, gdbm, ncurses-ui-libs, libcrypt, zlib"
|
TERMUX_PKG_DEPENDS="libandroid-support, ncurses, readline, libffi, openssl, libbz2, libsqlite, gdbm, ncurses-ui-libs, libcrypt, zlib"
|
||||||
|
|
|
@ -0,0 +1,36 @@
|
||||||
|
diff -uNr Python-2.7.18/Lib/CGIHTTPServer.py Python-2.7.18.mod/Lib/CGIHTTPServer.py
|
||||||
|
--- Python-2.7.18/Lib/CGIHTTPServer.py 2020-04-20 00:13:39.000000000 +0300
|
||||||
|
+++ Python-2.7.18.mod/Lib/CGIHTTPServer.py 2021-03-20 16:17:50.802196841 +0200
|
||||||
|
@@ -239,10 +239,6 @@
|
||||||
|
return
|
||||||
|
# Child
|
||||||
|
try:
|
||||||
|
- try:
|
||||||
|
- os.setuid(nobody)
|
||||||
|
- except os.error:
|
||||||
|
- pass
|
||||||
|
os.dup2(self.rfile.fileno(), 0)
|
||||||
|
os.dup2(self.wfile.fileno(), 1)
|
||||||
|
os.execve(scriptfile, args, env)
|
||||||
|
diff -uNr Python-2.7.18/Lib/smtpd.py Python-2.7.18.mod/Lib/smtpd.py
|
||||||
|
--- Python-2.7.18/Lib/smtpd.py 2020-04-20 00:13:39.000000000 +0300
|
||||||
|
+++ Python-2.7.18.mod/Lib/smtpd.py 2021-03-20 16:17:42.182179072 +0200
|
||||||
|
@@ -9,7 +9,8 @@
|
||||||
|
-n
|
||||||
|
This program generally tries to setuid `nobody', unless this flag is
|
||||||
|
set. The setuid call will fail if this program is not run as root (in
|
||||||
|
- which case, use this flag).
|
||||||
|
+ which case, use this flag). Ignored in Termux as no setuid done on this
|
||||||
|
+ platform.
|
||||||
|
|
||||||
|
--version
|
||||||
|
-V
|
||||||
|
@@ -461,7 +462,7 @@
|
||||||
|
|
||||||
|
|
||||||
|
class Options:
|
||||||
|
- setuid = 1
|
||||||
|
+ setuid = 0
|
||||||
|
classname = 'PureProxy'
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue