nvi-21-exrc_writability_check.patch (1526B)
1 #! /bin/sh /usr/share/dpatch/dpatch-run
2 ## 21exrc_writability_check.dpatch by <hesso@pool.math.tu-berlin.de>
3 ##
4 ## DP: No description.
5
6 @DPATCH@
7 diff -Naur nvi-1.81.6.orig/ex/ex_init.c nvi-1.81.6/ex/ex_init.c
8 --- nvi-1.81.6.orig/ex/ex_init.c 2007-11-18 17:41:42.000000000 +0100
9 +++ nvi-1.81.6/ex/ex_init.c 2008-05-01 18:24:45.000000000 +0200
10 @@ -26,6 +26,9 @@
11 #include <string.h>
12 #include <unistd.h>
13
14 +#include <pwd.h>
15 +#include <grp.h>
16 +
17 #include "../common/common.h"
18 #include "tag.h"
19 #include "pathnames.h"
20 @@ -346,6 +349,9 @@
21 int nf1, nf2;
22 char *a, *b, buf[MAXPATHLEN];
23
24 + struct group *grp_p;
25 + struct passwd *pwd_p;
26 +
27 /* Check for the file's existence. */
28 if (stat(path, sbp))
29 return (NOEXIST);
30 @@ -359,10 +365,30 @@
31 }
32
33 /* Check writeability. */
34 - if (sbp->st_mode & (S_IWGRP | S_IWOTH)) {
35 + if (sbp->st_mode & S_IWOTH) {
36 etype = WRITER;
37 goto denied;
38 }
39 + if (sbp->st_mode & S_IWGRP) {
40 + /* on system error (getgrgid or getpwnam return NULL) set etype to WRITER
41 + * and continue execution */
42 + if( (grp_p = getgrgid(sbp->st_gid)) == NULL) {
43 + etype = WRITER;
44 + goto denied;
45 + }
46 +
47 + /* lookup the group members' uids for an uid different from euid */
48 + while( ( *(grp_p->gr_mem) ) != NULL) { /* gr_mem is a null-terminated array */
49 + if( (pwd_p = getpwnam(*(grp_p->gr_mem)++)) == NULL) {
50 + etype = WRITER;
51 + goto denied;
52 + }
53 + if(pwd_p->pw_uid != euid) {
54 + etype = WRITER;
55 + goto denied;
56 + }
57 + }
58 + }
59 return (RCOK);
60
61 denied: a = msg_print(sp, path, &nf1);
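Review bot: The new `S_IWGRP` branch in the third hunk only walks `grp_p->gr_mem`, which holds the members named in the group database entry and normally not the accounts whose primary group (`pw_gid`) is `st_gid`, so a group-writable file whose group is another account's primary group and has no listed members still reaches `return (RCOK)`. Because this check appears to decide whether a startup file's commands are trusted, the branch should also deny when any passwd entry has `pw_gid == sbp->st_gid` and a uid other than `euid`, as sketched below; where account enumeration is slow or disabled (network directories), denying group-writable files outright is the safer fallback. Separately, the block comment says "continue execution" although both NULL cases jump to `denied`, and `*(grp_p->gr_mem)++` advances the pointer inside the structure returned by `getgrgid`; a local `char **` cursor would avoid modifying it. `euid` and the start and end of the enclosing function are outside this hunk.

```c
	if (sbp->st_mode & S_IWGRP) {
		/* … unchanged: getgrgid() lookup and gr_mem walk … */

		/* gr_mem does not list accounts whose primary group is st_gid. */
		setpwent();
		while ((pwd_p = getpwent()) != NULL) {
			if (pwd_p->pw_gid == sbp->st_gid && pwd_p->pw_uid != euid) {
				endpwent();
				etype = WRITER;
				goto denied;
			}
		}
		endpwent();
	}
```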