diff options
author | Timo Teräs <timo.teras@iki.fi> | 2012-05-01 15:40:31 +0300 |
---|---|---|
committer | Timo Teräs <timo.teras@iki.fi> | 2012-05-01 15:40:31 +0300 |
commit | c9a43a14697fa955f31e495a8b03a523975ad285 (patch) | |
tree | 411d2a11bf2415f452e5dbae4e72d744b43e4309 | |
parent | 38c1e65afbb334af0107c6bdd5362303473d866f (diff) | |
download | apk-tools-c9a43a14697fa955f31e495a8b03a523975ad285.tar.gz apk-tools-c9a43a14697fa955f31e495a8b03a523975ad285.tar.bz2 apk-tools-c9a43a14697fa955f31e495a8b03a523975ad285.tar.xz apk-tools-c9a43a14697fa955f31e495a8b03a523975ad285.zip |
audit: apply protected_paths.d masks to individual files
-rw-r--r-- | src/audit.c | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/src/audit.c b/src/audit.c index 071ff4d..03f977b 100644 --- a/src/audit.c +++ b/src/audit.c @@ -14,6 +14,7 @@ #include <fcntl.h> #include <unistd.h> #include <dirent.h> +#include <fnmatch.h> #include <sys/stat.h> #include "apk_applet.h" #include "apk_database.h" @@ -199,14 +200,28 @@ recurse_check: atctx->pathlen--; } else { struct apk_db_file *dbf; + struct apk_protected_path_array *ppaths = dbd->protected_paths; + int i, protected = dbd->protected, symlinks_only = dbd->symlinks_only; + + /* inherit file's protection mask */ + for (i = 0; i < ppaths->num; i++) { + struct apk_protected_path *ppath = &ppaths->item[i]; + char *slash = strchr(ppath->relative_pattern, '/'); + if (slash == NULL) { + if (fnmatch(ppath->relative_pattern, name, FNM_PATHNAME) != 0) + continue; + protected = ppath->protected; + symlinks_only = ppath->symlinks_only; + } + } if (actx->mode == MODE_BACKUP) { - if (!dbd->protected) + if (!protected) goto done; - if (dbd->symlinks_only && !S_ISLNK(fi.mode)) + if (symlinks_only && !S_ISLNK(fi.mode)) goto done; } else { - if (dbd->protected) + if (protected) goto done; } |