diff options
author | Julian Andres Klode <jak@debian.org> | 2017-02-11 22:17:08 +0100 |
---|---|---|
committer | Julian Andres Klode <jak@debian.org> | 2017-02-11 22:17:08 +0100 |
commit | 25f54c960d7a4ceca7bd3e21f87baf48d6cbc2d3 (patch) | |
tree | b87f059078a0ca81b188abd7d35514de2af648af | |
parent | 56c53760171a40a3ca974346d36d518f7ec5bcd9 (diff) |
Don't use -1 fd and AT_SYMLINK_NOFOLLOW for faccessat()
-1 is not an allowed value for the file descriptor, the only
allowed non-file-descriptor value is AT_FDCWD. So use that
instead.
AT_SYMLINK_NOFOLLOW has a weird semantic: It checks whether
we have the specified access on the symbolic link. It also
is implemented only by glibc on Linux, so it's inherently
non-portable. We should just drop it.
Thanks: James Clarke for debugging these issues
Reported-by: James Clarke <jrtc27@jrtc27.com>
-rw-r--r-- | apt-pkg/contrib/fileutl.cc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index affab956c..e4c40fb4f 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -2792,7 +2792,7 @@ static std::string APT_NONNULL(1) GetTempDirEnv(char const * const env) /*{{{*/ stat(tmpdir, &st) != 0 || (st.st_mode & S_IFDIR) == 0) // exists and is directory tmpdir = "/tmp"; else if (geteuid() != 0 && // root can do everything anyway - faccessat(-1, tmpdir, R_OK | W_OK | X_OK, AT_EACCESS | AT_SYMLINK_NOFOLLOW) != 0) // current user has rwx access to directory + faccessat(AT_FDCWD, tmpdir, R_OK | W_OK | X_OK, AT_EACCESS) != 0) // current user has rwx access to directory tmpdir = "/tmp"; return string(tmpdir); |