/* The below code changes the way file ownership is determined in the name of
fixing dropboxes. It has known security problem. See the netatalk FAQ for
more information */
- if (stat(".", &sb) == -1)
- syslog (LOG_ERR, "Error checking directory %s: %m", dir->d_name);
+ if (stat(".", &sb) < 0) {
+ syslog (LOG_ERR, "afp_createfile: Error checking directory \"%s\": %m", dir->d_name);
+ return(-1);
+ }
else {
uid=geteuid();
if ( uid != sb.st_uid )
strcpy (adpath, "./.AppleDouble/");
strcat (adpath, upath);
seteuid(0); /* Become root to change the owner of the file */
- if (chown(upath, sb.st_uid, sb.st_gid) < 0)
+ if (lchown(upath, sb.st_uid, sb.st_gid) < 0)
{
- syslog (LOG_ERR, "Error changing owner/gid: %m");
+ syslog (LOG_ERR, "afp_createfile: Error changing owner/gid: %m");
return (-1);
}
/* In order to write information to the file, the Mac client needs
stat(upath, &st);
if (chmod(upath,(st.st_mode&0x0FFFF)| S_IRGRP| S_IROTH) < 0)
{
- syslog (LOG_ERR, "Error adding file read permissions: %m");
+ syslog (LOG_ERR, "afp_createfile: Error adding file read permissions: %m");
return (-1);
}
- else syslog (LOG_DEBUG, "Added S_IRGRP and S_IROTH: %m");
- if (chown(adpath, sb.st_uid, sb.st_gid) < 0)
+ else syslog (LOG_DEBUG, "afp_createfile: Added S_IRGRP and S_IROTH: %m");
+ if (lchown(adpath, sb.st_uid, sb.st_gid) < 0)
{
- syslog (LOG_ERR, "Error changing AppleDouble owner/gid: %m");
+ syslog (LOG_ERR, "afp_createfile: Error changing AppleDouble owner/gid: %m");
return (-1);
}
if (chmod(adpath, (st.st_mode&0x0FFFF)| S_IRGRP| S_IROTH) < 0)
{
- syslog (LOG_ERR, "Error adding AD file read permissions: %m");
+ syslog (LOG_ERR, "afp_createfile: Error adding AD file read permissions: %m");
return (-1);
}
- else syslog (LOG_DEBUG, "Added S_IRGRP and S_IROTH to AD: %m");
- syslog (LOG_DEBUG, "Changing afpd owner back to %d", uid);
+ else syslog (LOG_DEBUG, "afp_createfile: Added S_IRGRP and S_IROTH to AD: %m");
+ syslog (LOG_DEBUG, "afp_createfile: Changing afpd owner back to %d", uid);
seteuid(uid); /* Restore process ownership to normal */
}
}
#include <fcntl.h>
#include <dirent.h>
#include <string.h>
+#ifdef DROPKLUDGE
+#include <unistd.h>
+#endif DROPKLUDGE
#include "directory.h"
#include "desktop.h"
#if AD_VERSION > AD_VERSION1
cnid_t id;
#endif
+#ifdef DROPKLUDGE
+ struct stat sb;
+ struct dir *dir;
+ char adpath[50];
+ int uid;
+#endif DROPKLUDGE
*rbuflen = 0;
ibuf += 2;
} else {
rc = renamedir(p, upath, odir, curdir, newname, vol_noadouble(vol));
}
+#ifdef DROPKLUDGE
+ strcpy (adpath, "./.AppleDouble/");
+ strcat (adpath, newname);
+ if (( dir = dirsearch( vol, did )) == NULL ) {
+ syslog (LOG_ERR, "afp_moveandrename: Unable to get directory info.");
+ return( AFPERR_NOOBJ );
+ }
+ else
+ if (stat(".", &sb) < 0) {
+ syslog (LOG_ERR, "afp_moveandrename: Error checking directory \"%s\": %m", dir->d_name);
+ return(-1);
+ }
+ else {
+ uid=geteuid();
+ if ( uid != sb.st_uid )
+ {
+ seteuid(0);
+ if (lchown(newname, sb.st_uid, sb.st_gid) < 0)
+ {
+ syslog (LOG_ERR, "afp_moveandrename: Error changing owner/gid of %s: %m", p);
+ return (-1);
+ }
+ if (lchown(adpath, sb.st_uid, sb.st_gid) < 0)
+ {
+ syslog (LOG_ERR, "afp_moveandrename: Error changing AppleDouble owner/gid %s: %m", adpath);
+ return (-1);
+ }
+ }
+ else
+ syslog (LOG_DEBUG, "No ownership change necessary.");
+ }
+ seteuid(uid); /* Restore process ownership to normal */
+#endif DROPKLUDGE
if ( rc == AFP_OK ) {
#if AD_VERSION > AD_VERSION1
/* renaming may have moved the file/dir across a filesystem */
- if (stat(upath, &st) < 0)
+ if (stat(newname, &st) < 0)
return AFPERR_MISC;
/* fix up the catalog entry */
- cnid_update(vol->v_db, id, &st, curdir->d_did, upath, strlen(upath));
+ cnid_update(vol->v_db, id, &st, curdir->d_did, newname, strlen(newname));
#endif
setvoltime(obj, vol );
}
projects / netatalk.git / commitdiff