From: Ned Ludd <solar@gentoo.org>
Date: Mon, 21 May 2007 19:27:28 +0000 (-0000)
Subject: - blind chmod 0 before unlinking files to avoid anybody doing sneaky stuff via hardlinks
X-Git-Tag: v2.2_pre1~1402
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=0f8bcb36b08324804c213c591f0001af61c2568f;p=portage.git

- blind chmod 0 before unlinking files to avoid anybody doing sneaky stuff via hardlinks

svn path=/main/trunk/; revision=6563
---

diff --git a/pym/portage/dbapi/vartree.py b/pym/portage/dbapi/vartree.py
index d438cbee0..3c7e646eb 100644
--- a/pym/portage/dbapi/vartree.py
+++ b/pym/portage/dbapi/vartree.py
@@ -1211,6 +1211,10 @@ class dblink(object):
 						writemsg_stdout("--- !md5   %s %s\n" % ("obj", obj))
 						continue
 					try:
+						if statobj.st_nlink > 1:
+							portage.writemsg("There are "+str(st.st_nlink-1)+" hardlinks to " + obj)
+						# Always blind chmod 0 before unlinking to avoid race conditions.
+						os.chmod(obj, 0000)
 						os.unlink(obj)
 					except (OSError, IOError), e:
 						pass