From 25d07ebf925d7007724e63453d23533c986196fb Mon Sep 17 00:00:00 2001
From: doktornotor <notordoktor@gmail.com>
Date: Wed, 9 Sep 2015 11:22:11 +0200
Subject: Squid - squid pinger helper needs to be suid root (Bug #5114)

---
 config/squid/squid.inc | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

(limited to 'config')

diff --git a/config/squid/squid.inc b/config/squid/squid.inc
index 48a92a75..27bff27b 100644
--- a/config/squid/squid.inc
+++ b/config/squid/squid.inc
@@ -210,9 +210,11 @@ function squid_install_command() {
 	/* create cache */
 	update_status("Creating squid cache pools... One moment please...");
 	squid_dash_z();
-	/* make sure pinger is executable */
+	/* make sure pinger is executable and suid root */
+	// XXX: Bug #5114
 	if(file_exists(SQUID_LOCALBASE . "/libexec/squid/pinger"))
 		exec("/bin/chmod a+x " . SQUID_LOCALBASE . "/libexec/squid/pinger");
+		exec("/bin/chmod u+s " . SQUID_LOCALBASE . "/libexec/squid/pinger");
 	if(file_exists(SQUID_LOCALBASE . "/etc/rc.d/squid"))
 		exec("/bin/rm " . SQUID_LOCALBASE . "/etc/rc.d/squid");
 	squid_write_rcfile();
@@ -1096,9 +1098,11 @@ function squid_resync() {
 	squid_resync_users();
 	squid_write_rcfile();
 
-	/* make sure pinger is executable */
+	/* make sure pinger is executable and suid root */
+	// XXX: Bug #5114
 	if(file_exists(SQUID_LOCALBASE . "/libexec/squid/pinger"))
-		exec("chmod a+x " . SQUID_LOCALBASE . "/libexec/squid/pinger");
+		exec("/bin/chmod a+x " . SQUID_LOCALBASE . "/libexec/squid/pinger");
+		exec("/bin/chmod u+s " . SQUID_LOCALBASE . "/libexec/squid/pinger");
 
 	foreach (array(	SQUID_CONFBASE,
 			SQUID_ACLDIR,
-- 
cgit v1.2.3