The ircd-ratbox-3.0.3 release was broken so we've skipped over that and gone straight to 3.0.4. This update fixes the port permissions setting during install and provides some ircd bug fixes and tweaks.
During installation, the FreeBSD ratbox ports check to see if the ircd.conf file is present, and if so, will set ownership and permissions on the configuration files to help protect them from being read by other users. However, when the ports were updated to automatically copy the example ircd configuration file to '/usr/local/etc/ircd-ratbox/ircd.conf' for the user upon installation, this check would always be negative meaning the setting of permissions was never done.
To fix this the check has been changed to do a file comparison instead - since, if the main ircd.conf file has been modified from the example provided, the port can be reasonably sure that this is not a fresh installation and will therefore not override the current permissions.
To improve security the port now sets the configuration files to be owned by root:ircd. This was done as a sensible default because it protects the configuration files from being modified by the ircd user if it becomes compromised, but ensures the configuration files can be read by the ircd user and are not world readable.
Software Changes
General list of changes in this ircd-ratbox release include:
- Fix forward DNS resolution, only used by connect::host with hostnames.
- Check return values on rb_socketpair that can cause a crash if socketpair fails.
- Add autoconf checks for -fstack-protector.
- Add warnings for certain functions who's return values should always be checked.
- Fix a CHALLENGE related core dump.
— posted by Moggie
