Index: head/www/mod_frontpage/Makefile =================================================================== --- head/www/mod_frontpage/Makefile (revision 58521) +++ head/www/mod_frontpage/Makefile (revision 58522) @@ -1,68 +1,69 @@ # New ports collection makefile for: apache mod_frontpage # Date created: 2001/07/24 # Whom: mb@imp.ch # # $FreeBSD$ PORTNAME= mod_frontpage -PORTVERSION= 1.6.1 -PORTREVISION= 1 +PORTVERSION= 1.6.2 CATEGORIES= www -MASTER_SITES= http://people.freebsd.org/~mbr/distfiles/ +MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:S/%SUBDIR%/mirfak/g} +DISTFILES= ${PORTNAME}_mirfak-${PORTVERSION}.tar.gz MAINTAINER= mbr@FreeBSD.org +WRKSRC= ${WRKDIR}/${PORTNAME}_mirfak-${PORTVERSION} AP_PORT?= apache13 BUILD_DEPENDS= ${LOCALBASE}/sbin/apxs:${PORTSDIR}/www/${AP_PORT} RUN_DEPENDS= ${LOCALBASE}/sbin/apxs:${PORTSDIR}/www/${AP_PORT} .include PKGMESSAGE= pkg-message INSTALL_FILE= ${INSTALL} -c -m 555 -o bin -g bin PKG_PREFIX= ${PREFIX} APXS= ${LOCALBASE}/sbin/apxs .if exists(${APXS}) APXS_WORKS!= ${APXS} -q TARGET 2>/dev/null || ${ECHO} no .endif .if exists(${APXS}) && ${APXS_WORKS} != no AP_TARGET!= ${APXS} -q TARGET AP_SYSCONF!= ${APXS} -q SYSCONFDIR AP_INCLUDE!= ${APXS} -q INCLUDEDIR AP_LIBEXEC!= ${APXS} -q LIBEXECDIR .else AP_TARGET?= httpd AP_SYSCONF?= ${PREFIX}/etc/apache AP_INCLUDE?= ${PREFIX}/include/apache AP_LIBEXEC?= ${PREFIX}/libexec/apache .endif PERL_CONFIGURE= yes pre-fetch: @${ECHO} @${ECHO} "*****************************************************" @${ECHO} IMPORTANT @${ECHO} @${ECHO} This port still has some security issues. Some buffer @${ECHO} overflows have been fixed, but since the port depends @${ECHO} on ENV[] variables, a local user can still gain a UID @${ECHO} of another user. This is a design issue, and also @${ECHO} present in the apache13-fp port. @${ECHO} @${ECHO} Check carefully that the Makefile has FP_UID_MIN and @${ECHO} FP_GID_MIN set correctly. If you think security is @${ECHO} very important for you, you shouldn't run frontpage @${ECHO} at all. @${ECHO} "*****************************************************" @${ECHO} post-install: @${CAT} ${PKGMESSAGE} .include Property changes on: head/www/mod_frontpage/Makefile ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.8 \ No newline at end of property +1.9 \ No newline at end of property Index: head/www/mod_frontpage/distinfo =================================================================== --- head/www/mod_frontpage/distinfo (revision 58521) +++ head/www/mod_frontpage/distinfo (revision 58522) @@ -1 +1 @@ -MD5 (mod_frontpage-1.6.1.tar.gz) = ca2bc12b8398b1d82dc94fe7fda42e74 +MD5 (mod_frontpage_mirfak-1.6.2.tar.gz) = 5dbae3d1d706c24f3ffcd3f5121c517a Property changes on: head/www/mod_frontpage/distinfo ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.4 \ No newline at end of property +1.5 \ No newline at end of property Index: head/www/mod_frontpage/files/patch-Makefile.in =================================================================== --- head/www/mod_frontpage/files/patch-Makefile.in (revision 58521) +++ head/www/mod_frontpage/files/patch-Makefile.in (nonexistent) @@ -1,29 +0,0 @@ ---- Makefile.in Mon Feb 4 21:19:21 2002 -+++ Makefile.in Tue Feb 5 18:19:23 2002 -@@ -16,7 +16,7 @@ - DEF= -DFPEXEC_BIN=\"$(fpexec_bin)\" \ - -DFPSTATIC_BIN=\"$(fpstatic_bin)\" - --DEF2= -DFP_HTTPD_USER=\"$(fpexec_caller)\" \ -+DEF2= -DFP_HTTPD_USER=\"$(fpexec_uidcaller)\" \ - -DFP_UID_MIN=$(fpexec_uidmin) \ - -DFP_GID_MIN=$(fpexec_gidmin) \ - -DFP_LOG_EXEC=\"$(fpexec_logexec)\" \ -@@ -49,14 +49,10 @@ - # and activate it in the Apache configuration - install: all - $(APXS) -i -a -n 'frontpage' mod_frontpage.so -- $(install) fpexec $(sbindir)/fpexec -- chown root.root $(sbindir)/fpexec -- chmod 4711 $(sbindir)/fpexec -- $(install) fpstatic $(sbindir)/fpstatic -- chown root.root $(sbindir)/fpstatic -- chmod 755 $(sbindir)/fpstatic -+ $(install) -m 4550 -o root -g $(fpexec_gidcaller) fpexec $(sbindir)/fpexec -+ $(install) -m 0555 -o root -g $(fpexec_gidcaller) fpstatic $(sbindir)/fpstatic - touch $(fpexec_logexec) -- chown $(fpexec_caller) $(fpexec_logexec) -+ chown $(fpexec_uidcaller) $(fpexec_logexec) - - # cleanup - clean: Property changes on: head/www/mod_frontpage/files/patch-Makefile.in ___________________________________________________________________ Deleted: cvs2svn:cvs-rev ## -1 +0,0 ## -1.1 \ No newline at end of property Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Index: head/www/mod_frontpage/files/patch-Makefile.PL =================================================================== --- head/www/mod_frontpage/files/patch-Makefile.PL (revision 58521) +++ head/www/mod_frontpage/files/patch-Makefile.PL (revision 58522) @@ -1,12 +1,10 @@ ---- Makefile.PL Sun Feb 3 12:20:53 2002 -+++ Makefile.PL Tue Feb 5 18:19:43 2002 -@@ -110,7 +110,8 @@ - $_=~ s|\$\(install\)|$install|; - #$_=~ s|\$\(\)|$|; - #$_=~ s|\$\(\)|$|; --$_=~ s|\$\(fpexec_caller\)|$user|; -+$_=~ s|\$\(fpexec_uidcaller\)|$user|; -+$_=~ s|\$\(fpexec_gidcaller\)|$group|; - $_=~ s|\$\(fpexec_uidmin\)|$uid|; - $_=~ s|\$\(fpexec_gidmin\)|$gid|; - $_=~ s|\$\(fpexec_logexec\)|$errorlog|; +--- Makefile.PL.orig Sat May 4 14:25:20 2002 ++++ Makefile.PL Sat May 4 14:25:23 2002 +@@ -10,6 +10,7 @@ + # + + $flavor=`uname`; ++chop $flavor; + if (-e "/etc/mandrake-release") {$flavor="Mandrake";} + + if ($flavor eq "FreeBSD") { $thechoice="/usr/local/sbin/httpd"; Property changes on: head/www/mod_frontpage/files/patch-Makefile.PL ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.3 \ No newline at end of property +1.4 \ No newline at end of property Index: head/www/mod_frontpage/files/patch-mod_frontpage.c =================================================================== --- head/www/mod_frontpage/files/patch-mod_frontpage.c (revision 58521) +++ head/www/mod_frontpage/files/patch-mod_frontpage.c (revision 58522) @@ -1,22 +1,11 @@ --- mod_frontpage.c Tue Feb 5 13:56:31 2002 +++ mod_frontpage.c Tue Feb 5 18:01:27 2002 @@ -124,7 +124,7 @@ "FrontPage disabled for server %s:%d\n", s->server_hostname, s->port); /* - * As default, enable the mod_frontpage cgi administration + * As default, disable the mod_frontpage cgi administration */ if (c->admindisabled == -1) c->admindisabled = TRUE; -@@ -491,10 +491,6 @@ - return log_scripterror (r, c, FORBIDDEN, APLOG_ERR|APLOG_NOERRNO, - "fpEXEC stub writable by group or others"); - } -- if (!(r->finfo.st_mode & S_IXOTH)) { -- return log_scripterror (r, c, FORBIDDEN, APLOG_ERR|APLOG_NOERRNO, -- "fpEXEC stub not executable by others"); -- } - if (((r->finfo.st_mode & S_ISGID)) - && (r->finfo.st_gid != 0)) { - return log_scripterror (r, c, FORBIDDEN, APLOG_ERR|APLOG_NOERRNO, Property changes on: head/www/mod_frontpage/files/patch-mod_frontpage.c ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.5 \ No newline at end of property +1.6 \ No newline at end of property