From 8323ada354df804d026de402d8d82e32e0be6357 Mon Sep 17 00:00:00 2001 From: Zac Medico Date: Wed, 23 May 2007 20:48:59 +0000 Subject: [PATCH] hardlink basic suid protection (trunk r6580) svn path=/main/branches/2.1.2/; revision=6606 --- pym/portage.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pym/portage.py b/pym/portage.py index be41b4d96..759b50174 100644 --- a/pym/portage.py +++ b/pym/portage.py @@ -7134,6 +7134,12 @@ class dblink: writemsg_stdout("--- !md5 %s %s\n" % ("obj", obj)) continue try: + if statobj.st_mode & (stat.S_ISUID | stat.S_ISGID): + # Always blind chmod 0 before unlinking to avoid race conditions. + os.chmod(obj, 0000) + if statobj.st_nlink > 1: + writemsg("setXid: "+str(statobj.st_nlink-1)+ \ + " hardlinks to '%s'\n" % obj) os.unlink(obj) except (OSError,IOError),e: pass -- 2.26.2