diff options
| author | Denys Vlasenko <dvlasenk@redhat.com> | 2011-03-15 16:46:53 +0100 |
|---|---|---|
| committer | Denys Vlasenko <dvlasenk@redhat.com> | 2011-03-15 16:46:53 +0100 |
| commit | 821d8fc6d0e3bc596dd2f1c72296efe5dce33b45 (patch) | |
| tree | a5e9c4f25409370fc187843cd5a6ea0e008eb88e /src/lib | |
| parent | 4df9a21293f121e8d46d52404b89614d9b2b3cec (diff) | |
| download | abrt-821d8fc6d0e3bc596dd2f1c72296efe5dce33b45.tar.gz abrt-821d8fc6d0e3bc596dd2f1c72296efe5dce33b45.tar.xz abrt-821d8fc6d0e3bc596dd2f1c72296efe5dce33b45.zip | |
gui-wizard-gtk: sanitize file mode/uid/gid after event run
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/dump_dir.c | 49 |
1 files changed, 48 insertions, 1 deletions
diff --git a/src/lib/dump_dir.c b/src/lib/dump_dir.c index d0b1d478..fefec608 100644 --- a/src/lib/dump_dir.c +++ b/src/lib/dump_dir.c @@ -491,6 +491,53 @@ void dd_create_basic_files(struct dump_dir *dd, uid_t uid) free(release); } +void dd_sanitize_mode_and_owner(struct dump_dir *dd) +{ + /* Don't sanitize if we aren't run under root: + * we assume that during file creation (by whatever means, + * even by "hostname >file" in abrt_event.conf) + * normal umask-based mode setting takes care of correct mode, + * and uid:gid is, of course, set to user's uid and gid. + * + * For root operating on /var/spool/abrt/USERS_PROBLEM, this isn't true: + * "hostname >file", for example, would create file OWNED BY ROOT! + * This routine resets mode and uid:gid for all such files. + */ + if (dd->dd_uid == (uid_t)-1) + return; + + if (!dd->locked) + error_msg_and_die("dump_dir is not opened"); /* bug */ + + DIR *d = opendir(dd->dd_dirname); + if (!d) + return; + + struct dirent *dent; + while ((dent = readdir(d)) != NULL) + { + if (dent->d_name[0] == '.') /* ".lock", ".", ".."? skip */ + continue; + char *full_path = concat_path_file(dd->dd_dirname, dent->d_name); + struct stat statbuf; + if (lstat(full_path, &statbuf) == 0 && S_ISREG(statbuf.st_mode)) + { + if ((statbuf.st_mode & 0777) != 0640) + chmod(full_path, 0640); + if (statbuf.st_uid != dd->dd_uid || statbuf.st_gid != dd->dd_gid) + { + if (chown(full_path, dd->dd_uid, dd->dd_gid) != 0) + { + perror_msg("can't change '%s' ownership to %lu:%lu", full_path, + (long)dd->dd_uid, (long)dd->dd_gid); + } + } + } + free(full_path); + } + closedir(d); +} + static int delete_file_dir(const char *dir, bool skip_lock_file) { DIR *d = opendir(dir); @@ -615,7 +662,7 @@ static char *load_text_file(const char *path, unsigned flags) static bool save_binary_file(const char *path, const char* data, unsigned size, uid_t uid, gid_t gid) { - /* "Why 0640?!" See ::Create() for security analysis */ + /* "Why 0640?!" See dd_create() for security analysis */ unlink(path); int fd = open(path, O_WRONLY | O_TRUNC | O_CREAT, 0640); if (fd < 0) |