--- mysql-dfsg-5.1-5.1.31/cmd-line-utils/libedit/el.c	2009-12-28 21:48:19.543759459 +0100
+++ mysql-dfsg-5.1-5.1.37/cmd-line-utils/libedit/el.c	2009-07-14 01:08:36.000000000 +0200
@@ -1,4 +1,4 @@
-/*	$NetBSD: el.c,v 1.39 2004/07/08 00:51:36 christos Exp $	*/
+/*	$NetBSD: el.c,v 1.47 2009/01/18 12:17:24 lukem Exp $	*/
 
 /*-
  * Copyright (c) 1992, 1993
@@ -428,17 +478,17 @@
 
 	fp = NULL;
 	if (fname == NULL) {
+#ifdef HAVE_ISSETUGID
 		static const char elpath[] = "/.editrc";
+/* XXXMYSQL: Portability fix (for which platforms?) */
 #ifdef MAXPATHLEN
 		char path[MAXPATHLEN];
 #else
 		char path[4096];
 #endif
 
-#ifdef HAVE_ISSETUGID
 		if (issetugid())
 			return (-1);
-#endif
 		if ((ptr = getenv("HOME")) == NULL)
 			return (-1);
 		if (strlcpy(path, ptr, sizeof(path)) >= sizeof(path))
@@ -446,6 +496,14 @@
 		if (strlcat(path, elpath, sizeof(path)) >= sizeof(path))
 			return (-1);
 		fname = path;
+#else
+		/*
+		 * If issetugid() is missing, always return an error, in order
+		 * to keep from inadvertently opening up the user to a security
+		 * hole.
+		 */
+		return (-1);
+#endif
 	}
 	if (fp == NULL)
 		fp = fopen(fname, "r");