Most distros install binaries with write permissions for the owner (root). We
don't need to check them, since the owner can always also change the permission.
Also many packaging systems use symlinks to organize different versions or
alternatives of programms. Also busybox style toolkits use symlinks, so we
should follow them.
---
Heyho,
Thanks, fixed.
Is there an active maintainer for sup?
Regards,
Markus
sup.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/sup.c b/sup.c
index b88d949..0b99834 100644
--- a/sup.c
+++ b/sup.c
@@ -72,9 +72,9 @@ int main(int argc, char **argv) {
else if (!(cmd = getpath (argv[1])))
return die (1, "execv", "cannot find
program");
} else cmd = rules[i].path;
- if (lstat (cmd, &st) == -1)
- return die (1, "lstat", "cannot stat program");
- if (st.st_mode & 0222)
+ if (stat (cmd, &st) == -1)
+ return die (1, "stat", "cannot stat program");
+ if (st.st_mode & 0022)
return die (1, "stat", "cannot run writable
binaries.");
#endif
if (uid != SETUID && rules[i].uid != -1 && rules[i].uid
!= uid)
--
1.8.2
