From 79875c5e42eca2e2d05f439da4b0da778385678a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 6 Dec 2006 23:52:25 +0000 Subject: [PATCH] * Change the ownership of the current directory to the build user. --- src/nix-setuid-helper/main.cc | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/src/nix-setuid-helper/main.cc b/src/nix-setuid-helper/main.cc index 6fa87e372..bf70ee089 100644 --- a/src/nix-setuid-helper/main.cc +++ b/src/nix-setuid-helper/main.cc @@ -23,9 +23,22 @@ using namespace nix; static void secureChown(uid_t uidFrom, uid_t uidTo, gid_t gidTo, const Path & path) { - /* Recursively chown `path' to the specified uid and gid, but only - if it is currently owned by the Nix account. */ - /* !!! */ + struct stat st; + if (lstat(path.c_str(), &st) == -1) + throw SysError(format("statting of `%1%'") % path); + + if (st.st_uid != uidFrom) + throw Error(format("path `%1%' owned by the wrong owner") % path); + + if (lchown(path.c_str(), uidTo, gidTo) == -1) + throw SysError(format("changing ownership of `%1%'") % path); + + if (S_ISDIR(st.st_mode)) { + Strings names = readDirectory(path); + for (Strings::iterator i = names.begin(); i != names.end(); ++i) + /* !!! recursion; check stack depth */ + secureChown(uidFrom, uidTo, gidTo, path + "/" + *i); + } }