- By default IMAP-UW will allow users to traverse the filesytem and access any

  file that they could access locally, including /etc/passwd etc. For providers
  giving out accounts for mail only this creates an unneccesary risk.

  Disable this.

PR:		ports/87508
Submitted by:	Stefan Norman <stefan@hostcore.com.au>
Approved by:	maintainer timeout (anders; 5 weeks)

2 files changed, 12 insertions, 0 deletions

diff --git a/mail/imap-uw/Makefile b/mail/imap-uw/Makefile
index 1e63ddb8a440..f0fa403e0cc8 100644
--- a/mail/imap-uw/Makefile
+++ b/mail/imap-uw/Makefile
@@ -7,6 +7,7 @@
 
 PORTNAME=	imap
 PORTVERSION=	2004g
+PORTREVISION=	1
 PORTEPOCH=	1
 CATEGORIES=	mail ipv6
 MASTER_SITES=	ftp://ftp.cac.washington.edu/imap/%SUBDIR%/ \
diff --git a/mail/imap-uw/files/patch-src-osdep-unix-env_unix.c b/mail/imap-uw/files/patch-src-osdep-unix-env_unix.c
new file mode 100644
index 000000000000..61e0b8367438
--- /dev/null
+++ b/mail/imap-uw/files/patch-src-osdep-unix-env_unix.c
@@ -0,0 +1,11 @@
+--- src/osdep/unix/env_unix.c.orig	Mon Sep 13 23:31:19 2004
++++ src/osdep/unix/env_unix.c	Fri Nov 25 20:44:01 2005
+@@ -44,7 +44,7 @@
+ static short anonymous = NIL;	/* is anonymous */
+ static short blackBox = NIL;	/* is a black box */
+ static short closedBox = NIL;	/* is a closed box */
+-static short restrictBox = NIL;	/* is a restricted box */
++static short restrictBox = -1;	/* is a restricted box */
+ static short has_no_life = NIL;	/* is a cretin with no life */
+ 				/* flock() emulator is a no-op */
+ static short disableFcntlLock = NIL;