- ack
On 01/22/2013 04:30 PM, Jakub Filak wrote:
- we allow users to take ownership of dump dir but abrt-server doesn't
allow to delete taken dump dirs, because abrt-server compares dump
dir's UID element to caller's UID
- solution: don't compare dump dir's UID element to caller's uid, just
check file system rights like abrt-dbus
- closes rhbz#895742
Signed-off-by: Jakub Filak <[email protected]>
---
src/daemon/abrt-server.c | 30 ++++++++----------------------
1 file changed, 8 insertions(+), 22 deletions(-)
diff --git a/src/daemon/abrt-server.c b/src/daemon/abrt-server.c
index eb94465..98d6db0 100644
--- a/src/daemon/abrt-server.c
+++ b/src/daemon/abrt-server.c
@@ -184,33 +184,19 @@ static int delete_path(const char *dump_dir_name)
return 400; /* Bad Request */
}
- struct dump_dir *dd = dd_opendir(dump_dir_name, /*flags:*/ 0);
- if (!dd)
- return 404; /* Not Found */
-
- if (client_uid != 0) /* not called by root */
+ if (!dump_dir_accessible_by_uid(dump_dir_name, client_uid))
{
- char client_uid_str[sizeof(long) * 3 + 2];
- sprintf(client_uid_str, "%ld", (long)client_uid);
-
- char *uid = dd_load_text_ext(dd, FILENAME_UID, DD_FAIL_QUIETLY_ENOENT
| DD_LOAD_TEXT_RETURN_NULL_ON_FAILURE);
- /* we assume that the dump_dir can be handled by everyone if uid ==
NULL
- * e.g: kerneloops
- */
- if (uid != NULL)
+ if (errno == ENOTDIR)
{
- bool uid_matches = (strcmp(uid, client_uid_str) == 0);
- free(uid);
- if (!uid_matches)
- {
- dd_close(dd);
- error_msg("Problem directory '%s' can't be accessed by user with
uid %ld", dump_dir_name, (long)client_uid);
- return 403; /* Forbidden */
- }
+ error_msg("Path '%s' isn't problem directory", dump_dir_name);
+ return 404; /* Not Found */
}
+
+ error_msg("Problem directory '%s' can't be accessed by user with uid
%ld", dump_dir_name, (long)client_uid);
+ return 403; /* Forbidden */
}
- dd_delete(dd);
+ delete_dump_dir(dump_dir_name);
return 0; /* success */
}
