fa86cd9348
earlier could allow local users to delete files and directories (as the user running fileutils) if the user has write access to part of the tree being moved or deleted. http://online.securityfocus.com/archive/1/260936
40 lines
1.4 KiB
Plaintext
40 lines
1.4 KiB
Plaintext
$OpenBSD: patch-src_mv_c,v 1.1 2003/02/25 14:35:43 brad Exp $
|
|
--- src/mv.c.orig Sat Feb 3 11:48:34 2001
|
|
+++ src/mv.c Mon Feb 24 23:21:17 2003
|
|
@@ -1,5 +1,5 @@
|
|
/* mv -- move or rename files
|
|
- Copyright (C) 86, 89, 90, 91, 1995-2001 Free Software Foundation, Inc.
|
|
+ Copyright (C) 86, 89, 90, 91, 1995-2002 Free Software Foundation, Inc.
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
@@ -235,6 +235,19 @@ do_move (const char *source, const char
|
|
struct rm_options rm_options;
|
|
struct File_spec fs;
|
|
enum RM_status status;
|
|
+ static int first_rm = 1;
|
|
+ static struct dev_ino cwd_dev_ino;
|
|
+
|
|
+ if (first_rm)
|
|
+ {
|
|
+ struct stat cwd_sb;
|
|
+ if (lstat (".", &cwd_sb))
|
|
+ error (EXIT_FAILURE, errno, _("cannot lstat `.'"));
|
|
+
|
|
+ first_rm = 0;
|
|
+ cwd_dev_ino.st_dev = cwd_sb.st_dev;
|
|
+ cwd_dev_ino.st_ino = cwd_sb.st_ino;
|
|
+ }
|
|
|
|
rm_option_init (&rm_options);
|
|
rm_options.verbose = x->verbose;
|
|
@@ -247,7 +260,7 @@ do_move (const char *source, const char
|
|
took the else branch of movefile. */
|
|
strip_trailing_slashes_2 (fs.filename);
|
|
|
|
- status = rm (&fs, 1, &rm_options);
|
|
+ status = rm (&fs, 1, &rm_options, &cwd_dev_ino);
|
|
assert (VALID_STATUS (status));
|
|
if (status == RM_ERROR)
|
|
fail = 1;
|