[monit-dev] [monit] r341 committed - Fix fogbugz #46 (A symbolic link should be allowed for the control fil...

[monit]

Revision: 341
Author:   mmo...@tildeslash.com
Date:     Tue Mar 22 14:55:02 2011
Log:      Fix fogbugz #46 (A symbolic link should be allowed for the  
control file) ... the symbolic link can be supported, it shouldn't be  
security issue.


http://code.google.com/p/monit/source/detail?r=341

Modified:
 /trunk/CHANGES.txt
 /trunk/file.c

=======================================
--- /trunk/CHANGES.txt  Tue Mar 22 03:09:08 2011
+++ /trunk/CHANGES.txt  Tue Mar 22 14:55:02 2011
@@ -28,6 +28,8 @@

 * AIX: Fix the M/Monit heartbeat. Thanks to Helen Chen for report.

+* Support symbolic link to monit configuration file.
+


 Version 5.2.4
=======================================
--- /trunk/file.c       Wed Jan 19 10:40:32 2011
+++ /trunk/file.c       Tue Mar 22 14:55:02 2011
@@ -305,8 +305,7 @@
 /**
  * Security check for files. The files must have the same uid as the
  * REAL uid of this process, it must have permissions no greater than
- * "maxpermission" and it must not be a symbolic link.  We check these
- * conditions here.
+ * "maxpermission".
  * @param filename The filename of the checked file
  * @param description The description of the checked file
  * @param permmask The permission mask for the file
@@ -319,24 +318,16 @@
   ASSERT(filename);
   ASSERT(description);

-  if(lstat(filename, &buf) < 0) {
-    LogError("%s: Cannot stat the %s '%s' -- %s\n",
-       prog, description, filename, STRERROR);
+  if(stat(filename, &buf) < 0) {
+    LogError("%s: Cannot stat the %s '%s' -- %s\n", prog, description,  
filename, STRERROR);
     return FALSE;
   }
-  if(S_ISLNK(buf.st_mode)) {
-    LogError("%s: The %s '%s' must not be a symbolic link.\n",
-       prog, description, filename);
-    return(FALSE);
-  }
   if(!S_ISREG(buf.st_mode)) {
-    LogError("%s: The %s '%s' is not a regular file.\n",
-       prog, description,  filename);
+    LogError("%s: The %s '%s' is not a regular file.\n", prog,  
description,  filename);
     return FALSE;
   }
   if(buf.st_uid != geteuid())  {
-    LogError("%s: The %s '%s' must be owned by you.\n",
-       prog, description, filename);
+    LogError("%s: The %s '%s' must be owned by you.\n", prog, description,  
filename);
     return FALSE;
   }
   if((buf.st_mode & 0777 ) & ~permmask) {

_______________________________________________
monit-dev mailing list
monit-dev@nongnu.org
http://lists.nongnu.org/mailman/listinfo/monit-dev