diff options
author | Zac Medico <zmedico@gentoo.org> | 2007-12-28 11:29:58 +0000 |
---|---|---|
committer | Zac Medico <zmedico@gentoo.org> | 2007-12-28 11:29:58 +0000 |
commit | e3e9352bd3622488a5c2524ddc7d071ae6b261cf (patch) | |
tree | 204cdf31985b27a28b241180bf0a8efa82e9a475 | |
parent | b569a9fcd6093bc5b92299dd2f034a96662a3f89 (diff) | |
download | portage-e3e9352bd3622488a5c2524ddc7d071ae6b261cf.tar.gz portage-e3e9352bd3622488a5c2524ddc7d071ae6b261cf.tar.bz2 portage-e3e9352bd3622488a5c2524ddc7d071ae6b261cf.zip |
Bug #203323 - Fix the FEATURES=sfperms code so that it doesn't chmod
g-r on binaries that are both setuid and setgid. In that case, just
chmod o-r.
svn path=/main/trunk/; revision=9061
-rwxr-xr-x | bin/misc-functions.sh | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/bin/misc-functions.sh b/bin/misc-functions.sh index d1b8c5eb3..d293fd769 100755 --- a/bin/misc-functions.sh +++ b/bin/misc-functions.sh @@ -429,15 +429,28 @@ preinst_sfperms() { fi # Smart FileSystem Permissions if hasq sfperms $FEATURES; then + local i for i in $(find "${D}" -type f -perm -4000); do - ebegin ">>> SetUID: [chmod go-r] $i " - chmod go-r "$i" - eend $? + if [ -n "$(find "$i" -perm -2000)" ] ; then + ebegin ">>> SetUID and SetGID: [chmod o-r] /${i#${D}}" + chmod o-r "$i" + eend $? + else + ebegin ">>> SetUID: [chmod go-r] /${i#${D}}" + chmod go-r "$i" + eend $? + fi done for i in $(find "${D}" -type f -perm -2000); do - ebegin ">>> SetGID: [chmod o-r] $i " - chmod o-r "$i" - eend $? + if [ -n "$(find "$i" -perm -4000)" ] ; then + # This case is already handled + # by the SetUID check above. + true + else + ebegin ">>> SetGID: [chmod o-r] /${i#${D}}" + chmod o-r "$i" + eend $? + fi done fi } |