diff options
Diffstat (limited to 'sbin/ldconfig/ldconfig.c')
-rw-r--r-- | sbin/ldconfig/ldconfig.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/sbin/ldconfig/ldconfig.c b/sbin/ldconfig/ldconfig.c index 76f8299..cde4f9a 100644 --- a/sbin/ldconfig/ldconfig.c +++ b/sbin/ldconfig/ldconfig.c @@ -259,6 +259,7 @@ int silent; { DIR *dd; struct dirent *dp; + struct stat stbuf; char name[MAXPATHLEN]; int dewey[MAXDEWEY], ndewey; @@ -269,6 +270,20 @@ int silent; return -1; } + /* Do some security checks */ + if (fstat(dirfd(dd), &stbuf) == -1) { + warn("%s", dir); + return -1; + } + if (stbuf.st_uid != 0) { + warnx("%s: not owned by root", dir); + return -1; + } + if ((stbuf.st_mode & S_IWOTH) != 0) { + warnx("%s: ignoring world-writable directory", dir); + return -1; + } + while ((dp = readdir(dd)) != NULL) { register int n; register char *cp; |