- compiles ok - reporting works - ack
On 01/22/2013 04:19 PM, Jakub Filak wrote:
- related to trac#927
Signed-off-by: Jakub Filak <[email protected]>
---
 src/include/dump_dir.h | 4 ++++
 src/lib/dump_dir.c | 51 ++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 55 insertions(+)
diff --git a/src/include/dump_dir.h b/src/include/dump_dir.h
index 0a6a1b0..21169c8 100644
--- a/src/include/dump_dir.h
+++ b/src/include/dump_dir.h
@@ -114,6 +114,10 @@ report_result_t *find_in_reported_to(struct dump_dir *dd, const char *prefix);
 void delete_dump_dir(const char *dirname);
+/* Checks dump dir accessibility for particular uid
+ * Returns non zero if dump dir is accessible otherwise return 0 value.
+ */
+int dump_dir_accessible_by_uid(const char *dirname, uid_t uid);
 #ifdef __cplusplus
 }
diff --git a/src/lib/dump_dir.c b/src/lib/dump_dir.c
index e7e6e33..981f5e6 100644
--- a/src/lib/dump_dir.c
+++ b/src/lib/dump_dir.c
@@ -1152,3 +1152,54 @@ void delete_dump_dir(const char *dirname)
 dd_delete(dd);
 }
 }
+
+#if DUMP_DIR_OWNED_BY_USER == 0
+static bool uid_in_group(uid_t uid, gid_t gid)
+{
+ char **tmp;
+ struct passwd *pwd = getpwuid(uid);
+
+ if (!pwd)
+ return FALSE;
+
+ if (pwd->pw_gid == gid)
+ return TRUE;
+
+ struct group *grp = getgrgid(gid);
+ if (!(grp && grp->gr_mem))
+ return FALSE;
+
+ for (tmp = grp->gr_mem; *tmp != NULL; tmp++)
+ {
+ if (g_strcmp0(*tmp, pwd->pw_name) == 0)
+ {
+ VERB3 log("user %s belongs to group: %s", pwd->pw_name, grp->gr_name);
+ return TRUE;
+ }
+ }
+
+ VERB2 log("user %s DOESN'T belong to group: %s", pwd->pw_name, grp->gr_name);
+ return FALSE;
+}
+#endif
+
+int dump_dir_accessible_by_uid(const char *dirname, uid_t uid)
+{
+ struct stat statbuf;
+ if (stat(dirname, &statbuf) != 0 || !S_ISDIR(statbuf.st_mode))
+ errno = ENOTDIR;
+ else
+ {
+#if DUMP_DIR_OWNED_BY_USER > 0
+ if (uid == 0 || (statbuf.st_mode & S_IROTH) || uid == statbuf.st_uid)
+#else
+ if (uid == 0 || (statbuf.st_mode & S_IROTH) || uid_in_group(uid, statbuf.st_gid))
+#endif
+ {
+ VERB1 log("directory '%s' is accessible by %ld uid", dirname, (long)uid);
+ return 1;
+ }
+ }
+
+ return 0;
+}
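Review bot: The `stat()` call in `dump_dir_accessible_by_uid()` follows symbolic links, so the mode, owner and group it compares belong to whatever `dirname` resolves to at that moment, not necessarily to the directory a caller opens afterwards. If dump directories are never legitimately reached through a symlink, `if (lstat(dirname, &statbuf) != 0 || !S_ISDIR(statbuf.st_mode))` narrows that gap. Either way the result is only a path-based check, so a caller acting on behalf of a less-privileged uid should repeat it with `fstat()` on the descriptor it actually opens. Separately, the failure branch replaces whatever `stat()` stored in `errno` with `ENOTDIR`, while the refused-uid path returns 0 without setting `errno` at all, so callers cannot tell a missing directory from a denied one. Setting `errno = EACCES;` when the permission test fails, and stating the errno contract in the header comment in `dump_dir.h`, would make this explicit.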
