diff options
| author | Zac Medico <zmedico@gentoo.org> | 2007-05-23 20:48:59 +0000 |
|---|---|---|
| committer | Zac Medico <zmedico@gentoo.org> | 2007-05-23 20:48:59 +0000 |
| commit | 8323ada354df804d026de402d8d82e32e0be6357 (patch) | |
| tree | db650cfb5712515e6c3596b140791d513a93b8ae | |
| parent | fa216dc7b5a9d147d356f8458c52e99f975e7da3 (diff) | |
| download | portage-8323ada354df804d026de402d8d82e32e0be6357.tar.gz portage-8323ada354df804d026de402d8d82e32e0be6357.tar.bz2 portage-8323ada354df804d026de402d8d82e32e0be6357.zip | |
hardlink basic suid protection (trunk r6580)
svn path=/main/branches/2.1.2/; revision=6606
| -rw-r--r-- | pym/portage.py | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/pym/portage.py b/pym/portage.py index be41b4d96..759b50174 100644 --- a/pym/portage.py +++ b/pym/portage.py @@ -7134,6 +7134,12 @@ class dblink: writemsg_stdout("--- !md5 %s %s\n" % ("obj", obj)) continue try: + if statobj.st_mode & (stat.S_ISUID | stat.S_ISGID): + # Always blind chmod 0 before unlinking to avoid race conditions. + os.chmod(obj, 0000) + if statobj.st_nlink > 1: + writemsg("setXid: "+str(statobj.st_nlink-1)+ \ + " hardlinks to '%s'\n" % obj) os.unlink(obj) except (OSError,IOError),e: pass |