summaryrefslogtreecommitdiff
path: root/src/database.c
diff options
context:
space:
mode:
authorTimo Teras <timo.teras@iki.fi>2009-07-30 10:42:20 +0300
committerTimo Teras <timo.teras@iki.fi>2009-07-30 10:42:20 +0300
commit5b48b855600aa316e3c9385e998c68ad757794a2 (patch)
tree05a0c84623a1360a513aa13f4e6192e969ea5060 /src/database.c
parent60c668f1dccc77800548ec54587724ee9e61f4e3 (diff)
downloadapk-tools-5b48b855600aa316e3c9385e998c68ad757794a2.tar.gz
apk-tools-5b48b855600aa316e3c9385e998c68ad757794a2.tar.bz2
apk-tools-5b48b855600aa316e3c9385e998c68ad757794a2.tar.xz
apk-tools-5b48b855600aa316e3c9385e998c68ad757794a2.zip
audit: protection mask for "symlinks only"
and use it for /etc/init.d by default. fixes #99.
Diffstat (limited to 'src/database.c')
-rw-r--r--src/database.c26
1 files changed, 20 insertions, 6 deletions
diff --git a/src/database.c b/src/database.c
index f308e48..968d55e 100644
--- a/src/database.c
+++ b/src/database.c
@@ -235,11 +235,25 @@ static struct apk_db_dir *apk_db_dir_get(struct apk_database *db,
dir->flags = dir->parent->flags;
for (i = 0; i < db->protected_paths->num; i++) {
- if (db->protected_paths->item[i][0] == '-' &&
- strcmp(&db->protected_paths->item[i][1], dir->name) == 0)
- dir->flags &= ~APK_DBDIRF_PROTECTED;
- else if (strcmp(db->protected_paths->item[i], dir->name) == 0)
- dir->flags |= APK_DBDIRF_PROTECTED;
+ int flags = dir->flags, j;
+
+ flags |= APK_DBDIRF_PROTECTED;
+ for (j = 0; ; j++) {
+ switch (db->protected_paths->item[i][j]) {
+ case '-':
+ flags &= ~(APK_DBDIRF_PROTECTED |
+ APK_DBDIRF_SYMLINKS_ONLY);
+ continue;
+ case '*':
+ flags |= APK_DBDIRF_SYMLINKS_ONLY |
+ APK_DBDIRF_PROTECTED;
+ continue;
+ }
+ break;
+ }
+
+ if (strcmp(&db->protected_paths->item[i][j], dir->name) == 0)
+ dir->flags = flags;
}
return dir;
@@ -895,7 +909,7 @@ int apk_db_open(struct apk_database *db, const char *root, unsigned int flags)
}
}
- blob = APK_BLOB_STR("etc:-etc/init.d");
+ blob = APK_BLOB_STR("etc:*etc/init.d");
apk_blob_for_each_segment(blob, ":", add_protected_path, db);
if (root != NULL) {