diff options
| author | David Kalnischkies <david@kalnischkies.de> | 2017-07-07 22:21:44 +0200 |
|---|---|---|
| committer | David Kalnischkies <david@kalnischkies.de> | 2017-07-26 19:09:04 +0200 |
| commit | 881ec045b6660e2fe0c6953720260e380ceeeb99 (patch) | |
| tree | 231454f60c5d3bd20396444316bf15671a7a5ee7 /methods/basehttp.cc | |
| parent | 6291fa81da6ed4c32d0dde33fa559cd155faff11 (diff) | |
allow the auth.conf to be root:root owned
Opening the file before we drop privileges in the methods allows us to
avoid chowning in the acquire main process which can apply to the wrong
file (imagine Binary scoped settings) and surprises users as their
permission setup is overridden.
There are no security benefits as the file is open, so an evil method
could as before read the contents of the file, but it isn't worse than
before and we avoid permission problems in this setup.
Diffstat (limited to 'methods/basehttp.cc')
| -rw-r--r-- | methods/basehttp.cc | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/methods/basehttp.cc b/methods/basehttp.cc index 1a3566479..0eb617f89 100644 --- a/methods/basehttp.cc +++ b/methods/basehttp.cc @@ -830,14 +830,14 @@ unsigned long long BaseHttpMethod::FindMaximumObjectSizeInQueue() const /*{{{*/ } /*}}}*/ BaseHttpMethod::BaseHttpMethod(std::string &&Binary, char const * const Ver,unsigned long const Flags) :/*{{{*/ - aptMethod(std::move(Binary), Ver, Flags), Server(nullptr), PipelineDepth(10), + aptAuthConfMethod(std::move(Binary), Ver, Flags), Server(nullptr), PipelineDepth(10), AllowRedirect(false), Debug(false) { } /*}}}*/ bool BaseHttpMethod::Configuration(std::string Message) /*{{{*/ { - if (aptMethod::Configuration(Message) == false) + if (aptAuthConfMethod::Configuration(Message) == false) return false; _config->CndSet("Acquire::tor::Proxy", |