fsmStage: be careful with file permissions on package removal or upgrade

Do not erase permissions from regular files on package removal or upgrade unless these files are both setXid and executable. It is legal to have regular system files linked somewhere, e.g. by chrooted installs, so we must be careful not to break these files.
2011-11-30 17:07:27 +00:00 · 2011-11-30 17:07:27 +00:00 · 3946369bfb
commit 3946369bfb
parent fa49acf430
1 changed files with 10 additions and 2 deletions
--- a/lib/fsm.c
+++ b/lib/fsm.c
@ -1240,6 +1240,10 @@ static int fsmStat(FSM_t fsm)
 	((_x)[sizeof("/dev/log")-1] == '\0' || \
 	 (_x)[sizeof("/dev/log")-1] == ';'))

+#define IS_STAT_SETXID(m) ((m) & (S_ISUID | S_ISGID))
+#define IS_STAT_EXEC(m) ((m) & (S_IXUSR | S_IXGRP | S_IXOTH))
+#define IS_STAT_SETXID_EXEC(m) (IS_STAT_SETXID(m) && IS_STAT_EXEC(m))
+
 /*@-compmempass@*/
 int fsmStage(FSM_t fsm, fileStage stage)
 {
@ -1910,7 +1914,9 @@ if (!(fsm->mapFlags & CPIO_ALL_HARDLINKS)) break;
 	    struct stat stb;
 	    int saved_errno;
 	    int saved_rc = lstat(fsm->path, &stb);
-	    if (!saved_rc && !S_ISLNK(stb.st_mode))
+	    if (!saved_rc && !S_ISLNK(stb.st_mode) &&
+		(!S_ISREG(stb.st_mode) || IS_STAT_SETXID_EXEC(stb.st_mode))
+	       )
 		saved_rc = chmod(fsm->path, 0);
 	    saved_errno = errno;
 	    if (saved_rc && saved_errno == ENOENT)
@ -1931,7 +1937,9 @@ if (!(fsm->mapFlags & CPIO_ALL_HARDLINKS)) break;
 	    struct stat stb;
 	    int saved_errno;
 	    int saved_rc = lstat(fsm->path, &stb);
-	    if (!saved_rc && !S_ISLNK(stb.st_mode))
+	    if (!saved_rc && !S_ISLNK(stb.st_mode) &&
+		(!S_ISREG(stb.st_mode) || IS_STAT_SETXID_EXEC(stb.st_mode))
+	       )
 		saved_rc = chmod(fsm->path, 0);
 	    saved_errno = errno;
 	    if (saved_rc && saved_errno == ENOENT)