--- glibc-2.3.3_pre20031222.ebuild 2004-01-03 19:21:42.000000000 -0500
+++ glibc-2.3.3_pre20031222-r1.ebuild 2004-01-03 19:37:50.000000000 -0500
@@ -397,6 +397,18 @@
 epatch ${FILESDIR}/2.3.1/glibc23-07-hppa-atomicity.dpatch
 fi

+ # - Borrowed from OpenWall Linux - (Jan 3 2003)
+ # Sanity check the forward and backward chunk pointers in the
+ # unlink() macro used by Doug Lea's implementation of malloc(3).
+ # If the pointers are determined to have been overwritten, the
+ # process will be forced to terminate thereby reducing the
+ # impact of a common class of attacks on memory overwrite
+ # vulnerabilities present in various applications. Credit for
+ # the idea for this countermeasure is due to Stefan Esser.
+
+ cd ${S}
+ epatch ${FILESDIR}/2.3.3/glibc-2.3.3-owl-malloc-unlink-sanity-check.diff
+
 # Fix permissions on some of the scripts
 chmod u+x ${S}/scripts/*.sh
 }
@@ -585,7 +597,10 @@

 # Is this next line actually needed or does the makefile get it right?
 # It previously has 0755 perms which was killing things.
- fperms 4755 /usr/lib/misc/pt_chown
+
+ # fperms 4755 /usr/lib/misc/pt_chown
+ # no known reason to keep the group/other world readable bits on this.
+ fperms 4711 /usr/lib/misc/pt_chown

 # Currently libraries in /usr/lib/gconv do not get loaded if not
 # in search path ...
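Review bot: In the first hunk (`@@ -397,6 +397,18 @@`) the added `cd ${S}` is unquoted and unchecked, so if it fails the hardening patch is applied from whatever directory the earlier steps left behind; `cd "${S}" || die "cd to S failed"` would make that failure explicit. The date in the new comment, `(Jan 3 2003)`, also disagrees with the 2004-01-03 timestamps in the diff header and is probably a typo for 2004, which matters when tracing where the OpenWall patch came from. The patch is applied after the closing `fi`, so it appears to be unconditional across architectures; a short comment saying that is intended would help. The enclosing function starts outside the hunk.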
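Review bot: In the second hunk (`@@ -585,7 +597,10 @@`) the new comment `no known reason to keep the group/other world readable bits` is hard to parse and does not say what mode 4711 actually grants. Something like `# setuid root; group/other get execute only (4711), they need to run pt_chown but not read it` states the intent directly. The commented-out `# fperms 4755 /usr/lib/misc/pt_chown` can be dropped, since the old mode is already in version history and a stale setuid line invites accidental re-enabling. The existing question above it, whether the setuid bit is needed at all, is still unanswered by this change and deserves a follow-up, because not installing a setuid-root helper is stronger than tightening its mode. The enclosing function starts and ends outside the hunk.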