version 1.11.2.5, 2001/09/27 00:15:41 |
version 1.11.2.6, 2001/11/15 00:14:59 |
|
|
char *err, size_t errlen) |
char *err, size_t errlen) |
{ |
{ |
uid_t uid = pw->pw_uid; |
uid_t uid = pw->pw_uid; |
char buf[MAXPATHLEN]; |
char buf[MAXPATHLEN], homedir[MAXPATHLEN]; |
char *cp; |
char *cp; |
struct stat st; |
struct stat st; |
|
|
|
|
strerror(errno)); |
strerror(errno)); |
return -1; |
return -1; |
} |
} |
|
if (realpath(pw->pw_dir, homedir) == NULL) { |
|
snprintf(err, errlen, "realpath %s failed: %s", pw->pw_dir, |
|
strerror(errno)); |
|
return -1; |
|
} |
|
|
/* check the open file to avoid races */ |
/* check the open file to avoid races */ |
if (fstat(fileno(f), &st) < 0 || |
if (fstat(fileno(f), &st) < 0 || |
|
|
} |
} |
|
|
/* If are passed the homedir then we can stop */ |
/* If are passed the homedir then we can stop */ |
if (strcmp(pw->pw_dir, buf) == 0) { |
if (strcmp(homedir, buf) == 0) { |
debug3("secure_filename: terminating check at '%s'", |
debug3("secure_filename: terminating check at '%s'", |
buf); |
buf); |
break; |
break; |