mirror of
https://github.com/vgough/encfs.git
synced 2024-11-21 23:43:26 +01:00
Correctly use setgid/setuid with allow_other
- use these functions in the correct order ; - correctly check for their return code. This helps to correct #398.
This commit is contained in:
parent
f5d37d2c65
commit
e0f10e2517
@ -501,11 +501,21 @@ int DirNode::mkdir(const char *plaintextPath, mode_t mode, uid_t uid,
|
||||
// if uid or gid are set, then that should be the directory owner
|
||||
int olduid = -1;
|
||||
int oldgid = -1;
|
||||
if (uid != 0) {
|
||||
olduid = setfsuid(uid);
|
||||
}
|
||||
if (gid != 0) {
|
||||
oldgid = setfsgid(gid);
|
||||
if (oldgid == -1) {
|
||||
int eno = errno;
|
||||
RLOG(DEBUG) << "setfsgid error: " << strerror(eno);
|
||||
return -EPERM;
|
||||
}
|
||||
}
|
||||
if (uid != 0) {
|
||||
olduid = setfsuid(uid);
|
||||
if (olduid == -1) {
|
||||
int eno = errno;
|
||||
RLOG(DEBUG) << "setfsuid error: " << strerror(eno);
|
||||
return -EPERM;
|
||||
}
|
||||
}
|
||||
|
||||
int res = ::mkdir(cyName.c_str(), mode);
|
||||
|
@ -154,14 +154,6 @@ int FileNode::mknod(mode_t mode, dev_t rdev, uid_t uid, gid_t gid) {
|
||||
int res;
|
||||
int olduid = -1;
|
||||
int oldgid = -1;
|
||||
if (uid != 0) {
|
||||
olduid = setfsuid(uid);
|
||||
if (olduid == -1) {
|
||||
int eno = errno;
|
||||
RLOG(DEBUG) << "setfsuid error: " << strerror(eno);
|
||||
return -EPERM;
|
||||
}
|
||||
}
|
||||
if (gid != 0) {
|
||||
oldgid = setfsgid(gid);
|
||||
if (oldgid == -1) {
|
||||
@ -170,6 +162,14 @@ int FileNode::mknod(mode_t mode, dev_t rdev, uid_t uid, gid_t gid) {
|
||||
return -EPERM;
|
||||
}
|
||||
}
|
||||
if (uid != 0) {
|
||||
olduid = setfsuid(uid);
|
||||
if (olduid == -1) {
|
||||
int eno = errno;
|
||||
RLOG(DEBUG) << "setfsuid error: " << strerror(eno);
|
||||
return -EPERM;
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* cf. xmp_mknod() in fusexmp.c
|
||||
|
@ -41,8 +41,7 @@ static __inline int setfsuid(uid_t uid) {
|
||||
uid_t olduid = geteuid();
|
||||
|
||||
if (seteuid(uid) != 0) {
|
||||
int eno = errno;
|
||||
VLOG(1) << "seteuid error: " << strerror(eno);
|
||||
return -1;
|
||||
}
|
||||
|
||||
return olduid;
|
||||
@ -52,8 +51,7 @@ static __inline int setfsgid(gid_t gid) {
|
||||
gid_t oldgid = getegid();
|
||||
|
||||
if (setegid(gid) != 0) {
|
||||
int eno = errno;
|
||||
VLOG(1) << "setfsgid error: " << strerror(eno);
|
||||
return -1;
|
||||
}
|
||||
|
||||
return oldgid;
|
||||
|
Loading…
Reference in New Issue
Block a user