[pacman-dev] dangerous symlink handling with --root option
Xavier
shiningxc at gmail.com
Tue Aug 21 12:39:30 EDT 2007
On Tue, Aug 21, 2007 at 11:20:33AM -0400, Mister Dobalina wrote:
> Why should /tmp/tmpfs being read-only affect removing
> that symlink? Doing
>
> # mount -o remount,rw /tmp/tmpfs
> # pacman -R symlinktest
>
> works as expected though, and /tmp/tmpfs/file remains
> intact, so I guess there is not really any danger
> here. So it seems pacman can't remove symlinks which
> point to files which live on read-only filesystems,
> which I guess is not such a serious issue, since most
> people don't run with read-only root partitions.
> Curious though.
Yep, there is probably a problem here :
164 /* If we fail write permissions due to a read-only filesystem, abort.
165 * Assume all other possible failures are covered somewhere else */
166 if(access(file, W_OK) == -1) {
167 if(errno != EACCES && access(file, F_OK) == 0) {
168 /* only return failure if the file ACTUALLY exists and we can't write to
169 * it - ignore "chmod -w" simple permission failures */
170 _alpm_log(PM_LOG_ERROR, _("cannot remove file '%s': %s"),
171 file, strerror(errno));
172 return(0);
173 }
174 }
from man access :
access() checks whether the calling process can access the file pathname. If pathname is a symbolic link, it is dereferenced.
More information about the pacman-dev
mailing list