diff options
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | libsandbox.c | 3 |
2 files changed, 6 insertions, 1 deletions
@@ -2,6 +2,10 @@ # Copyright 1999-2004 Gentoo Foundation; Distributed under the GPL v2 # $Header$ + 22 Mar 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c: + Allow lchown a symlink in write-allowed path pointing to write-denied + target. + 21 Mar 2005; Marius Mauch <genone@gentoo.org> libsandbox.c: Also show resolved symlink names in the log. diff --git a/libsandbox.c b/libsandbox.c index d90f41a..1b577d4 100644 --- a/libsandbox.c +++ b/libsandbox.c @@ -1178,7 +1178,8 @@ static int check_access(sbcontext_t * sbcontext, const char *func, const char *p * passed path is writable, and if so, check if its a * symlink, and give access only if the resolved path * of the symlink's parent also have write access. */ - if ((0 == strncmp(func, "unlink", 6)) && + if (((0 == strncmp(func, "unlink", 6)) || + (0 == strncmp(func, "lchown", 6))) && ((-1 != lstat(path, &st)) && (S_ISLNK(st.st_mode)))) { int hresult = -1; |