[aur-dev] [PATCH] pkgsubmit: correctly set group permssions on extracted files
Dan McGee
dpmcgee at gmail.com
Fri Oct 24 17:07:11 EDT 2008
From: Dan McGee <dan at archlinux.org>
Use the new chmod_group() function to do so.
Signed-off-by: Dan McGee <dan at archlinux.org>
---
NOTE: *completely* untested. I'll let you experienced AUR guys tell me this
patch is completely crap.
-Dan
web/html/pkgsubmit.php | 34 +++++++++++++++++++++-------------
1 files changed, 21 insertions(+), 13 deletions(-)
diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php
index abd6614..f79860d 100644
--- a/web/html/pkgsubmit.php
+++ b/web/html/pkgsubmit.php
@@ -48,16 +48,20 @@ if ($_COOKIE["AURSID"]):
$error = __("Could not change directory to %s.",
array($tempdir));
} else {
- if ($_FILES['pfile']['name'] == "PKGBUILD") {
- move_uploaded_file($_FILES['pfile']['tmp_name'], $tempdir . "/PKGBUILD");
- } else {
- $tar = new Archive_Tar($_FILES['pfile']['tmp_name']);
- $extract = $tar->extract();
-
- if (!$extract) {
- $error = __("Unknown file format for uploaded file.");
- }
- }
+ if ($_FILES['pfile']['name'] == "PKGBUILD") {
+ move_uploaded_file($_FILES['pfile']['tmp_name'], $tempdir . "/PKGBUILD");
+ } else {
+ $tar = new Archive_Tar($_FILES['pfile']['tmp_name']);
+ $extract = $tar->extract();
+
+ if (!$extract) {
+ $error = __("Unknown file format for uploaded file.");
+ }
+ if (!chmod_group($tempdir)) {
+ $error = __("Could not chmod directory %s.",
+ array($tempdir));
+ }
+ }
}
}
}
@@ -227,11 +231,15 @@ if ($_COOKIE["AURSID"]):
if (!@mkdir(INCOMING_DIR . $pkg_name)) {
$error = __( "Could not create directory %s."
- , INCOMING_DIR . $pkg_name
- );
+ , INCOMING_DIR . $pkg_name);
+ } else {
+ if (!@chmod(INCOMING_DIR . $pkg_name, 0775)) {
+ $error = __( "Could not chmod directory %s."
+ , INCOMING_DIR . $pkg_name);
+ }
}
- rename($pkg_dir, INCOMING_DIR . $pkg_name . "/" . $pkg_name);
+ rename($pkg_dir, INCOMING_DIR . $pkg_name . "/" . $pkg_name);
} else {
$error = __( "You are not allowed to overwrite the %h%s%h package."
, "<b>"
--
1.6.0.3
More information about the aur-dev
mailing list