diff options
| author | Zac Medico <zmedico@gentoo.org> | 2007-06-10 22:15:33 +0000 |
|---|---|---|
| committer | Zac Medico <zmedico@gentoo.org> | 2007-06-10 22:15:33 +0000 |
| commit | b7962b0f49bd2a2e61042d0c08bf0d7ca9826a41 (patch) | |
| tree | efc27cf72e47d36b5f1567c66e6101eb587287ab | |
| parent | e209120b9862c490f7151d64c1b4ce0a82d95278 (diff) | |
| download | portage-b7962b0f49bd2a2e61042d0c08bf0d7ca9826a41.tar.gz portage-b7962b0f49bd2a2e61042d0c08bf0d7ca9826a41.tar.bz2 portage-b7962b0f49bd2a2e61042d0c08bf0d7ca9826a41.zip | |
Don't bother to warn about hardlinks to suid/sgid files before unlink since it can give false positives and the existing suid/sgid security check should spot problems before this anyway.
svn path=/main/trunk/; revision=6793
| -rw-r--r-- | pym/portage/dbapi/vartree.py | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/pym/portage/dbapi/vartree.py b/pym/portage/dbapi/vartree.py index 73d2245f9..56e4f0097 100644 --- a/pym/portage/dbapi/vartree.py +++ b/pym/portage/dbapi/vartree.py @@ -1226,12 +1226,9 @@ class dblink(object): writemsg_stdout("--- !md5 %s %s\n" % ("obj", obj)) continue try: - if statobj.st_mode & (stat.S_ISUID | stat.S_ISGID): - # Always blind chmod 0 before unlinking to avoid race conditions. - os.chmod(obj, 0000) - if statobj.st_nlink > 1: - writemsg("setXid: "+str(statobj.st_nlink-1)+ \ - " hardlinks to '%s'\n" % obj) + # Remove permissions to ensure that any hardlinks to + # suid/sgid files are rendered harmless. + os.chmod(obj, 0) os.unlink(obj) except (OSError, IOError), e: pass |