- plug a tiny race on sbit/capability removal
This commit is contained in:
Panu Matilainen
parent
855e5dc18e
commit
c698fc1a8e
|
|
@ -0,0 +1,25 @@
|
|||
commit 26874707edfe73e153383284f9fe33cfd9879bb1
|
||||
Author: Michal Schmidt <mschmidt@redhat.com>
|
||||
Date: Tue Jun 22 15:51:41 2010 +0200
|
||||
|
||||
Revert "If there are no hardlinks, dont bother with s-bit and caps removal"
|
||||
|
||||
Deciding whether it is necessary to remove the SUID bit based on
|
||||
the current link count creates an opportunity for a race condition.
|
||||
A hardlink could be created just between lstat() and chmod().
|
||||
|
||||
This reverts commit 89be57ad9239c9ada0cba94a5003876b456d46bf.
|
||||
|
||||
diff --git a/lib/fsm.c b/lib/fsm.c
|
||||
index 2d972f3..068c65d 100644
|
||||
--- a/lib/fsm.c
|
||||
+++ b/lib/fsm.c
|
||||
@@ -1264,7 +1264,7 @@ static int fsmMkdirs(FSM_t fsm)
|
||||
static void removeSBITS(const char *path)
|
||||
{
|
||||
struct stat stb;
|
||||
- if (lstat(path, &stb) == 0 && S_ISREG(stb.st_mode) && stb.st_nlink > 1) {
|
||||
+ if (lstat(path, &stb) == 0 && S_ISREG(stb.st_mode)) {
|
||||
if ((stb.st_mode & 06000) != 0) {
|
||||
(void) chmod(path, stb.st_mode & 0777);
|
||||
}
|
||||
7
rpm.spec
7
rpm.spec
|
|
@ -21,7 +21,7 @@
|
|||
Summary: The RPM package management system
|
||||
Name: rpm
|
||||
Version: %{rpmver}
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
Group: System Environment/Base
|
||||
Url: http://www.rpm.org/
|
||||
Source0: http://rpm.org/releases/rpm-4.8.x/%{name}-%{srcver}.tar.bz2
|
||||
|
|
@ -43,6 +43,7 @@ Patch5: rpm-4.8.0-no-man-dirs.patch
|
|||
# Patches already in upstream
|
||||
Patch200: rpm-4.8.0-pythondeps-parallel.patch
|
||||
Patch201: rpm-4.8.0-python-bytecompile.patch
|
||||
Patch202: rpm-4.8.1-nlinks-race.patch
|
||||
|
||||
# These are not yet upstream
|
||||
Patch301: rpm-4.6.0-niagara.patch
|
||||
|
|
@ -191,6 +192,7 @@ packages on a system.
|
|||
|
||||
%patch200 -p1 -b .pythondeps-parallel
|
||||
%patch201 -p1 -b .python-bytecompile
|
||||
%patch202 -p1 -b .nlinks-race
|
||||
|
||||
%patch301 -p1 -b .niagara
|
||||
%patch302 -p1 -b .geode
|
||||
|
|
@ -406,6 +408,9 @@ exit 0
|
|||
%doc doc/librpm/html/*
|
||||
|
||||
%changelog
|
||||
* Wed Jun 30 2010 Panu Matilainen <pmatilai@redhat.com> - 4.8.1-2
|
||||
- plug a tiny race on sbit/capability removal
|
||||
|
||||
* Fri Jun 14 2010 Panu Matilainen <pmatilai@redhat.com> - 4.8.1-1
|
||||
- update to 4.8.1 (http://rpm.org/wiki/Releases/4.8.1)
|
||||
- drop no longer needed patches
|
||||
|
|
|
|||
Loading…
Reference in New Issue