From: Zac Medico <zmedico@gentoo.org>
Date: Sun, 10 Jun 2007 22:15:33 +0000 (-0000)
Subject: Don't bother to warn about hardlinks to suid/sgid files before unlink since it can... 
X-Git-Tag: v2.2_pre1~1266
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=b7962b0f49bd2a2e61042d0c08bf0d7ca9826a41;p=portage.git

Don't bother to warn about hardlinks to suid/sgid files before unlink since it can give false positives and the existing suid/sgid security check should spot problems before this anyway.

svn path=/main/trunk/; revision=6793
---

diff --git a/pym/portage/dbapi/vartree.py b/pym/portage/dbapi/vartree.py
index 73d2245f9..56e4f0097 100644
--- a/pym/portage/dbapi/vartree.py
+++ b/pym/portage/dbapi/vartree.py
@@ -1226,12 +1226,9 @@ class dblink(object):
 						writemsg_stdout("--- !md5   %s %s\n" % ("obj", obj))
 						continue
 					try:
-						if statobj.st_mode & (stat.S_ISUID | stat.S_ISGID):
-							# Always blind chmod 0 before unlinking to avoid race conditions.
-							os.chmod(obj, 0000)
-							if statobj.st_nlink > 1:
-								writemsg("setXid: "+str(statobj.st_nlink-1)+ \
-									" hardlinks to '%s'\n" % obj)
+						# Remove permissions to ensure that any hardlinks to
+						# suid/sgid files are rendered harmless.
+						os.chmod(obj, 0)
 						os.unlink(obj)
 					except (OSError, IOError), e:
 						pass