提交 0e27d842 编写于 作者: C clanger

8140244: Port fix of JDK-8075773 to AIX and possibly MacOSX

Reviewed-by: stuefe, dcubed
上级 5e87dde8
...@@ -201,6 +201,7 @@ static pid_t filename_to_pid(const char* filename) { ...@@ -201,6 +201,7 @@ static pid_t filename_to_pid(const char* filename) {
// the backing store files. Returns true if the directory is considered // the backing store files. Returns true if the directory is considered
// a secure location. Returns false if the statbuf is a symbolic link or // a secure location. Returns false if the statbuf is a symbolic link or
// if an error occurred. // if an error occurred.
//
static bool is_statbuf_secure(struct stat *statp) { static bool is_statbuf_secure(struct stat *statp) {
if (S_ISLNK(statp->st_mode) || !S_ISDIR(statp->st_mode)) { if (S_ISLNK(statp->st_mode) || !S_ISDIR(statp->st_mode)) {
// The path represents a link or some non-directory file type, // The path represents a link or some non-directory file type,
...@@ -209,15 +210,18 @@ static bool is_statbuf_secure(struct stat *statp) { ...@@ -209,15 +210,18 @@ static bool is_statbuf_secure(struct stat *statp) {
return false; return false;
} }
// We have an existing directory, check if the permissions are safe. // We have an existing directory, check if the permissions are safe.
//
if ((statp->st_mode & (S_IWGRP|S_IWOTH)) != 0) { if ((statp->st_mode & (S_IWGRP|S_IWOTH)) != 0) {
// The directory is open for writing and could be subjected // The directory is open for writing and could be subjected
// to a symlink or a hard link attack. Declare it insecure. // to a symlink or a hard link attack. Declare it insecure.
//
return false; return false;
} }
// See if the uid of the directory matches the effective uid of the process. // If user is not root then see if the uid of the directory matches the effective uid of the process.
// uid_t euid = geteuid();
if (statp->st_uid != geteuid()) { if ((euid != 0) && (statp->st_uid != euid)) {
// The directory was not created by this user, declare it insecure. // The directory was not created by this user, declare it insecure.
//
return false; return false;
} }
return true; return true;
...@@ -228,6 +232,7 @@ static bool is_statbuf_secure(struct stat *statp) { ...@@ -228,6 +232,7 @@ static bool is_statbuf_secure(struct stat *statp) {
// the backing store files. Returns true if the directory exists // the backing store files. Returns true if the directory exists
// and is considered a secure location. Returns false if the path // and is considered a secure location. Returns false if the path
// is a symbolic link or if an error occurred. // is a symbolic link or if an error occurred.
//
static bool is_directory_secure(const char* path) { static bool is_directory_secure(const char* path) {
struct stat statbuf; struct stat statbuf;
int result = 0; int result = 0;
......
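Review bot: In is_statbuf_secure, the new `(euid != 0) &&` guard means a process running as root now accepts a directory owned by any user as long as it is not group- or other-writable, and neither the function's header comment nor the comment on that `return false` branch says so. The owner of such a directory can still create links inside it, so the result is only safe if the callers keep opening the backing-store files without following symlinks and re-check them after opening; those callers are outside the visible hunks, so this should be confirmed. I would document the exception at the check, for example `// Root may inspect directories owned by other users; callers must still open files with O_NOFOLLOW and verify them via fstat().`, and extend the header comment to say that ownership is enforced only for non-root users. The same applies to the identical change in the second file section (hunk at -217,9 +217,9).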
...@@ -217,9 +217,9 @@ static bool is_statbuf_secure(struct stat *statp) { ...@@ -217,9 +217,9 @@ static bool is_statbuf_secure(struct stat *statp) {
// //
return false; return false;
} }
// See if the uid of the directory matches the effective uid of the process. // If user is not root then see if the uid of the directory matches the effective uid of the process.
// uid_t euid = geteuid();
if (statp->st_uid != geteuid()) { if ((euid != 0) && (statp->st_uid != euid)) {
// The directory was not created by this user, declare it insecure. // The directory was not created by this user, declare it insecure.
// //
return false; return false;
......