ncurses
/
backport-0002-CVE-2023-29491-env-acce...

From 94240194a58b15e7fc3a015ed123ebb124f4e869 Mon Sep 17 00:00:00 2001
From: Sven Joachim <svenjoac@gmx.de>
Date: Mon, 1 May 2023 11:32:01 +0200
Subject: [PATCH] Change the behavior of the "--disable-root-environ" option

The new patch debian-env-access.diff makes the
"--disable-root-environ" configure option functionally equivalent to
the --disable-setuid-environ" option that has been added in the
20230425 upstream patchlevel.

Conflict:NA
Reference:https://salsa.debian.org/debian/ncurses/-/commit/94240194a58b15e7fc3a015ed123ebb124f4e869
---
 ncurses/tinfo/access.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/ncurses/tinfo/access.c b/ncurses/tinfo/access.c
index a735db2..c9f8660 100644
--- a/ncurses/tinfo/access.c
+++ b/ncurses/tinfo/access.c
@@ -215,8 +215,6 @@ _nc_env_access(void)

     if (is_elevated()) {
 	result = FALSE;
-    } else if ((getuid() == ROOT_UID) || (geteuid() == ROOT_UID)) {
-	result = FALSE;
     }
     return result;
 }
--
2.33.0