diff options
author | Ned Ludd <solar@gentoo.org> | 2007-05-22 18:19:21 +0000 |
---|---|---|
committer | Ned Ludd <solar@gentoo.org> | 2007-05-22 18:19:21 +0000 |
commit | 0f27a71d5d7cfdc61603d28cef6fdd6769069110 (patch) | |
tree | 2a668a7c83b921f05ebb6caa762c2c57dd21fc18 | |
parent | 5fd4d5b44ecc48572f0a1d37186c531d5ad06517 (diff) | |
download | portage-0f27a71d5d7cfdc61603d28cef6fdd6769069110.tar.gz portage-0f27a71d5d7cfdc61603d28cef6fdd6769069110.tar.bz2 portage-0f27a71d5d7cfdc61603d28cef6fdd6769069110.zip |
- cleaner version of the hardlink basic suid protection. actually check that the file is setXid
svn path=/main/trunk/; revision=6579
-rw-r--r-- | pym/portage/dbapi/vartree.py | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/pym/portage/dbapi/vartree.py b/pym/portage/dbapi/vartree.py index 986516e25..448df94df 100644 --- a/pym/portage/dbapi/vartree.py +++ b/pym/portage/dbapi/vartree.py @@ -1211,11 +1211,12 @@ class dblink(object): writemsg_stdout("--- !md5 %s %s\n" % ("obj", obj)) continue try: - if statobj.st_nlink > 1: - portage.writemsg("There are "+str(st.st_nlink-1)+ \ - " hardlinks to '%s'\n" % obj) - # Always blind chmod 0 before unlinking to avoid race conditions. - os.chmod(obj, 0000) + if statobj.st_mode & S_ISUID or statobj.st_mode & S_ISGID: + # Always blind chmod 0 before unlinking to avoid race conditions. + os.chmod(obj, 0000) + if statobj.st_nlink > 1: + portage.writemsg("setXid: "+str(st.st_nlink-1)+ \ + " hardlinks to '%s'\n" % obj) os.unlink(obj) except (OSError, IOError), e: pass |