hardlink basic suid protection (trunk r6580)

author Zac Medico <zmedico@gentoo.org>

Wed, 23 May 2007 20:48:59 +0000 (20:48 -0000)

committer Zac Medico <zmedico@gentoo.org>

Wed, 23 May 2007 20:48:59 +0000 (20:48 -0000)
author Zac Medico <zmedico@gentoo.org>
Wed, 23 May 2007 20:48:59 +0000 (20:48 -0000)
committer Zac Medico <zmedico@gentoo.org>
Wed, 23 May 2007 20:48:59 +0000 (20:48 -0000)
diff --git a/pym/portage.py b/pym/portage.py

index be41b4d96eb72c5aa38fe3a8d4b45d624e77fecd..759b501745c4d5669d9378895e62b6dec228b308 100644 (file)
--- a/pym/portage.py
+++ b/pym/portage.py
@@ -7134,6 +7134,12 @@ class dblink:
                                                 writemsg_stdout("--- !md5   %s %s\n" % ("obj", obj))
                                                 continue
                                         try:
+                                               if statobj.st_mode & (stat.S_ISUID | stat.S_ISGID):
+                                                       # Always blind chmod 0 before unlinking to avoid race conditions.
+                                                       os.chmod(obj, 0000)
+                                                       if statobj.st_nlink > 1:
+                                                               writemsg("setXid: "+str(statobj.st_nlink-1)+ \
+                                                                       " hardlinks to '%s'\n" % obj)
                                                 os.unlink(obj)
                                         except (OSError,IOError),e:
                                                 pass
author	Zac Medico <zmedico@gentoo.org>
	Wed, 23 May 2007 20:48:59 +0000 (20:48 -0000)
committer	Zac Medico <zmedico@gentoo.org>
	Wed, 23 May 2007 20:48:59 +0000 (20:48 -0000)