[dev] [sup] [PATCH] make sup usable in most distros.

From: Markus Teich <markus.teich_AT_stusta.mhn.de>
Date: Fri, 14 Mar 2014 15:49:43 +0100

Most distros install binaries with write permissions for the owner (root). We
don't need to check them, since the owner can always also change the permission.

Also many packaging systems use symlinks to organize different versions or
alternatives of programms. Also busybox style toolkits use symlinks, so we
should follow them.

---
Hello,
I found the sup-tool a little unusable and tried to „fix“ it as described above.
Are there any security considerations, I did not see?
Regards,
Markus
 sup.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sup.c b/sup.c
index b88d949..7cec6ff 100644
--- a/sup.c
+++ b/sup.c
_AT_@ -72,9 +72,9 @@ int main(int argc, char **argv) {
 				else if (!(cmd = getpath (argv[1])))
 					return die (1, "execv", "cannot find program");
 			} else cmd = rules[i].path;
-			if (lstat (cmd, &st) == -1)
+			if (stat (cmd, &st) == -1)
 				return die (1, "lstat", "cannot stat program");
-			if (st.st_mode & 0222)
+			if (st.st_mode & 0022)
 				return die (1, "stat", "cannot run writable binaries.");
 #endif
 			if (uid != SETUID && rules[i].uid != -1 && rules[i].uid != uid)
-- 
1.8.2

Received on Fri Mar 14 2014 - 15:49:43 CET