diff options
author | Zac Medico <zmedico@gentoo.org> | 2008-02-29 22:58:15 +0000 |
---|---|---|
committer | Zac Medico <zmedico@gentoo.org> | 2008-02-29 22:58:15 +0000 |
commit | 194a6d0d3d48fe899a992daffeb8b36ff75b120b (patch) | |
tree | 505e9b2198ec8d11840a0bd87e3f8b6d9651a2b3 | |
parent | 66940e1f2f0549ee8f01dad59016e168105e193d (diff) | |
download | portage-194a6d0d3d48fe899a992daffeb8b36ff75b120b.tar.gz portage-194a6d0d3d48fe899a992daffeb8b36ff75b120b.tar.bz2 portage-194a6d0d3d48fe899a992daffeb8b36ff75b120b.zip |
In the suidctl code, move the addwrite call out of the loop. Thanks to ferringb.
svn path=/main/trunk/; revision=9399
-rwxr-xr-x | bin/misc-functions.sh | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/bin/misc-functions.sh b/bin/misc-functions.sh index c9a1383cf..67eaa292e 100755 --- a/bin/misc-functions.sh +++ b/bin/misc-functions.sh @@ -491,6 +491,10 @@ preinst_suid_scan() { # total suid control. if hasq suidctl $FEATURES; then sfconf=${PORTAGE_CONFIGROOT}etc/portage/suidctl.conf + # sandbox prevents us from writing directly + # to files outside of the sandbox, but this + # can easly be bypassed using the addwrite() function + addwrite "${sfconf}" vecho ">>> Performing suid scan in ${D}" for i in $(find "${D}" -type f \( -perm -4000 -o -perm -2000 \) ); do if [ -s "${sfconf}" ]; then @@ -504,10 +508,6 @@ preinst_suid_scan() { ls_ret=$(ls -ldh "${i}") chmod ugo-s "${i}" grep "^#${i/${D}}$" "${sfconf}" > /dev/null || { - # sandbox prevents us from writing directly - # to files outside of the sandbox, but this - # can easly be bypassed using the addwrite() function - addwrite "${sfconf}" vecho ">>> Appending commented out entry to ${sfconf} for ${PF}" echo "## ${ls_ret%${D}*}${ls_ret#*${D}}" >> "${sfconf}" echo "#${i/${D}}" >> "${sfconf}" |