version 1.21.2.1, 2001/09/27 19:03:54 |
version 1.21.2.2, 2001/11/15 00:15:19 |
|
|
char *err, size_t errlen) |
char *err, size_t errlen) |
{ |
{ |
uid_t uid = pw->pw_uid; |
uid_t uid = pw->pw_uid; |
char buf[MAXPATHLEN]; |
char buf[MAXPATHLEN], homedir[MAXPATHLEN]; |
char *cp; |
char *cp; |
struct stat st; |
struct stat st; |
|
|
|
|
strerror(errno)); |
strerror(errno)); |
return -1; |
return -1; |
} |
} |
|
if (realpath(pw->pw_dir, homedir) == NULL) { |
|
snprintf(err, errlen, "realpath %s failed: %s", pw->pw_dir, |
|
strerror(errno)); |
|
return -1; |
|
} |
|
|
/* check the open file to avoid races */ |
/* check the open file to avoid races */ |
if (fstat(fileno(f), &st) < 0 || |
if (fstat(fileno(f), &st) < 0 || |
|
|
} |
} |
|
|
/* If are passed the homedir then we can stop */ |
/* If are passed the homedir then we can stop */ |
if (strcmp(pw->pw_dir, buf) == 0) { |
if (strcmp(homedir, buf) == 0) { |
debug3("secure_filename: terminating check at '%s'", |
debug3("secure_filename: terminating check at '%s'", |
buf); |
buf); |
break; |
break; |