From: Ned Ludd <solar@gentoo.org>
Date: Tue, 22 May 2007 18:19:21 +0000 (-0000)
Subject: - cleaner version of the hardlink basic suid protection. actually check that the... 
X-Git-Tag: v2.2_pre1~1393
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=0f27a71d5d7cfdc61603d28cef6fdd6769069110;p=portage.git

- cleaner version of the hardlink basic suid protection. actually check that the file is setXid

svn path=/main/trunk/; revision=6579
---

diff --git a/pym/portage/dbapi/vartree.py b/pym/portage/dbapi/vartree.py
index 986516e25..448df94df 100644
--- a/pym/portage/dbapi/vartree.py
+++ b/pym/portage/dbapi/vartree.py
@@ -1211,11 +1211,12 @@ class dblink(object):
 						writemsg_stdout("--- !md5   %s %s\n" % ("obj", obj))
 						continue
 					try:
-						if statobj.st_nlink > 1:
-							portage.writemsg("There are "+str(st.st_nlink-1)+ \
-								" hardlinks to '%s'\n" % obj)
-						# Always blind chmod 0 before unlinking to avoid race conditions.
-						os.chmod(obj, 0000)
+						if statobj.st_mode & S_ISUID or statobj.st_mode & S_ISGID:
+							# Always blind chmod 0 before unlinking to avoid race conditions.
+							os.chmod(obj, 0000)
+							if statobj.st_nlink > 1:
+								portage.writemsg("setXid: "+str(st.st_nlink-1)+ \
+									" hardlinks to '%s'\n" % obj)
 						os.unlink(obj)
 					except (OSError, IOError), e:
 						pass