MirrorHub/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-18 15:56:50 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
nixpkgs/pkgs/applications/networking
History
aszlig 536feffc68
chromium: Fix userns patch for kernel 3.18.2. 
Writing the gid_map is already non-fatal, but the actual sandbox process
still tries to setresgid() to nogroup (usually 65534). This however
fails, because if user namespace sandboxing is present, the namespace
doesn't have CAP_SETGID at this point.

Fortunately, the effective GID is already 65534, so we just need to
check whether the target gid matches and only(!) setresgid() if it
doesn't.

So if someone would run a SUID version of the sandbox, it would still
work nonetheless without a negative impact on security.

Fixes #5730, thanks to @wizeman for reporting and initial debugging.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-01-13 06:18:10 +01:00
..
bittorrentsync nixpkgs: btsync 1.4.103 -> 1.4.106 2015-01-08 02:51:34 -06:00
browsers chromium: Fix userns patch for kernel 3.18.2. 2015-01-13 06:18:10 +01:00
cluster Change occurrences of gcc to the more general cc 2014-12-26 11:06:21 -06:00
copy-com Copy.com: update package to 1.47.0410 (upstream update) 2014-10-02 06:44:12 +01:00
davmail davmail: updated to 4.5.1 2014-09-15 18:01:17 +02:00
dropbox dropbox: update to 2.10.52 2014-11-23 13:31:36 -06:00
dropbox-cli
esniper
feedreaders setting namePrefix = "" in rawdog 2014-12-24 13:13:39 -06:00
ftp/filezilla FileZilla: update from 3.8.1 to 3.9.0.6 2014-11-08 17:27:18 +00:00
ids Bump snort to 2.9.7.0 and daq to 2.0.4 2014-11-27 09:57:59 +02:00
ike
instant-messengers Merge pull request #5582 from devhell/profanity. 2015-01-05 08:33:11 +01:00
iptraf change md5sum to sha256sum for a few packages 2014-10-12 16:13:21 +02:00
irc weechatDevel: removing it 2014-12-10 14:59:41 +01:00
jmeter jmeter: fix download URL 2014-11-18 15:43:09 +01:00
linssid boost: Remove boost.lib 2014-11-02 17:22:27 -08:00
mailreaders sylpheed: actually enable gpg support 2015-01-07 11:08:58 +00:00
msmtp Update msmtp to 1.6.1 2015-01-09 18:13:45 +01:00
mumble mumble: add pulseaudio support 2015-01-10 23:36:42 +03:00
netperf
newsreaders slrn: update 1.0.1 to 1.0.2 2014-10-27 12:47:22 -04:00
notbit
offrss
owncloud-client owncloud-client: added meta.platforms = stdenv.lib.platforms.unix; 2014-12-17 17:59:18 +01:00
p2p transmission-remote-gtk: meta fixup (close #5420) 2014-12-21 10:35:24 +01:00
pjsip
pond go: Update to 1.4 2015-01-06 13:31:02 -06:00
remote java: Normalize to the default jre / jdk 2015-01-07 14:55:41 -08:00
seafile-client seafile: update client, ccnet, libsearpc and shared 2015-01-09 13:37:44 +01:00
siproxd
sniffers wireshark: update 1.12.2 -> 1.12.3 (security update) 2015-01-08 19:43:50 +01:00
spideroak
sync Removed akunambol 2014-10-09 12:00:12 +02:00
syncthing syncthing: Update to version 0.10.19. 2015-01-12 13:23:18 -06:00
umurmur Fix license attribute of many bsd-like licensed packages 2014-12-21 00:00:35 +01:00
vnstat
yafc
znc