dovecot-2.2: mkdir_parents_chown(): If gid is set, make sure set...

Wed Oct 24 12:15:31 EEST 2012

details:   http://hg.dovecot.org/dovecot-2.2/rev/a7f95f182560
changeset: 15252:a7f95f182560
user:      Timo Sirainen <tss at iki.fi>
date:      Wed Oct 24 12:15:19 2012 +0300
description:
mkdir_parents_chown(): If gid is set, make sure setgid-bit isn't copied from parent.

diffstat:

 src/lib/mkdir-parents.c |  12 ++++++++++++
 src/lib/mkdir-parents.h |   4 +++-
 2 files changed, 15 insertions(+), 1 deletions(-)

diffs (36 lines):

diff -r 5b0ab07024ca -r a7f95f182560 src/lib/mkdir-parents.c

--- a/src/lib/mkdir-parents.c	Wed Oct 24 11:52:14 2012 +0300
+++ b/src/lib/mkdir-parents.c	Wed Oct 24 12:15:19 2012 +0300
@@ -65,6 +65,18 @@
 		i_error("%s) failed: %m", str_c(str));
 		return -1;
 	}
+	if (gid != (gid_t)-1 && (mode & S_ISGID) == 0) {
+		/* make sure the directory doesn't have setgid bit enabled
+		   (in case its parent had) */
+		if (chmod(path, mode) < 0) {
+			orig_errno = errno;
+			if (rmdir(path) < 0)
+				i_error("rmdir(%s) failed: %m", path);
+			errno = orig_errno;
+			i_error("chmod(%s) failed: %m", path);
+			return -1;
+		}
+	}
 	return 0;
 }
 
diff -r 5b0ab07024ca -r a7f95f182560 src/lib/mkdir-parents.h
--- a/src/lib/mkdir-parents.h	Wed Oct 24 11:52:14 2012 +0300
+++ b/src/lib/mkdir-parents.h	Wed Oct 24 12:15:19 2012 +0300
@@ -8,7 +8,9 @@
 
 /* Like mkdir_parents(), but use the given uid/gid for newly created
    directories. (uid_t)-1 or (gid_t)-1 can be used to indicate that it
-   doesn't need to be changed. */
+   doesn't need to be changed. If gid isn't (gid_t)-1 and the parent directory
+   had setgid-bit enabled, it's removed unless explicitly included in the
+   mode. */
 int mkdir_parents_chown(const char *path, mode_t mode, uid_t uid, gid_t gid);
 /* Like mkdir_parents_chown(), but change only group. If chown() fails with
    EACCES, use gid_origin in the error message. */
