[monit-dev] [monit] r341 committed - Fix fogbugz #46 (A symbolic link should be allowed for the control fil...

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[monit-dev] [monit] r341 committed - Fix fogbugz #46 (A symbolic link should be allowed for the control fil...

monit-2
Revision: 341
Author:   [hidden email]
Date:     Tue Mar 22 14:55:02 2011
Log:      Fix fogbugz #46 (A symbolic link should be allowed for the  
control file) ... the symbolic link can be supported, it shouldn't be  
security issue.


http://code.google.com/p/monit/source/detail?r=341

Modified:
  /trunk/CHANGES.txt
  /trunk/file.c

=======================================
--- /trunk/CHANGES.txt Tue Mar 22 03:09:08 2011
+++ /trunk/CHANGES.txt Tue Mar 22 14:55:02 2011
@@ -28,6 +28,8 @@

  * AIX: Fix the M/Monit heartbeat. Thanks to Helen Chen for report.

+* Support symbolic link to monit configuration file.
+


  Version 5.2.4
=======================================
--- /trunk/file.c Wed Jan 19 10:40:32 2011
+++ /trunk/file.c Tue Mar 22 14:55:02 2011
@@ -305,8 +305,7 @@
  /**
   * Security check for files. The files must have the same uid as the
   * REAL uid of this process, it must have permissions no greater than
- * "maxpermission" and it must not be a symbolic link.  We check these
- * conditions here.
+ * "maxpermission".
   * @param filename The filename of the checked file
   * @param description The description of the checked file
   * @param permmask The permission mask for the file
@@ -319,24 +318,16 @@
    ASSERT(filename);
    ASSERT(description);

-  if(lstat(filename, &buf) < 0) {
-    LogError("%s: Cannot stat the %s '%s' -- %s\n",
- prog, description, filename, STRERROR);
+  if(stat(filename, &buf) < 0) {
+    LogError("%s: Cannot stat the %s '%s' -- %s\n", prog, description,  
filename, STRERROR);
      return FALSE;
    }
-  if(S_ISLNK(buf.st_mode)) {
-    LogError("%s: The %s '%s' must not be a symbolic link.\n",
- prog, description, filename);
-    return(FALSE);
-  }
    if(!S_ISREG(buf.st_mode)) {
-    LogError("%s: The %s '%s' is not a regular file.\n",
- prog, description,  filename);
+    LogError("%s: The %s '%s' is not a regular file.\n", prog,  
description,  filename);
      return FALSE;
    }
    if(buf.st_uid != geteuid())  {
-    LogError("%s: The %s '%s' must be owned by you.\n",
- prog, description, filename);
+    LogError("%s: The %s '%s' must be owned by you.\n", prog, description,  
filename);
      return FALSE;
    }
    if((buf.st_mode & 0777 ) & ~permmask) {

_______________________________________________
monit-dev mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/monit-dev