Bug#169928: (no subject)
tags 169928 + patch
thanks
Attached is a patch that fixes the bug. Lightly tested, and it does
change the behaviour - the file will be chmod'd to 600 rather than
000, but whether or not that is desired, who knows.
Cheers,
--
Steve
Russian roulette in bash(1): $((RANDOM%6)) || rm -rf ~
--- remove.c~ 2004-11-12 07:10:03.000000000 +1100
+++ remove.c 2004-11-20 21:18:10.000000000 +1100
@@ -257,22 +257,9 @@
if (errno != ENOTDIR) ohshite(_("cannot remove `%.250s'"),fnvb.buf);
debug(dbg_eachfiledetail, "removal_bulk unlinking `%s'", fnvb.buf);
{
- /*
- * If file to remove is a device or s[gu]id, change its mode
- * so that a malicious user cannot use it even if it's linked
- * to another file
- */
- struct stat stat_buf;
- if (stat(fnvb.buf,&stat_buf)==0) {
- if (S_ISCHR(stat_buf.st_mode) || S_ISBLK(stat_buf.st_mode)) {
- chmod(fnvb.buf,0);
- }
- if (stat_buf.st_mode & (S_ISUID|S_ISGID)) {
- chmod(fnvb.buf,stat_buf.st_mode & ~(S_ISUID|S_ISGID));
- }
- }
- }
- if (unlink(fnvb.buf)) ohshite(_("cannot remove file `%.250s'"),fnvb.buf);
+ int ret = 0;
+ ret = chmodsafe_unlink(*fnvb.buf);
+ if (!ret) ohshite(_("cannot remove file `%.250s'"),fnvb.buf);
}
write_filelist_except(pkg,leftover,0);
maintainer_script_installed(pkg, POSTRMFILE, "post-removal",
Reply to: