[monit-dev] [monit] r341 committed - Fix fogbugz #46 (A symbolic link sh

monit-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[monit-dev] [monit] r341 committed - Fix fogbugz #46 (A symbolic link sh

From:	monit
Subject:	[monit-dev] [monit] r341 committed - Fix fogbugz #46 (A symbolic link should be allowed for the control fil...
Date:	Tue, 22 Mar 2011 21:56:08 +0000

Revision: 341
Author:   address@hidden
Date:     Tue Mar 22 14:55:02 2011

Log: Fix fogbugz #46 (A symbolic link should be allowed for thecontrol file) ... the symbolic link can be supported, it shouldn't besecurity issue.



http://code.google.com/p/monit/source/detail?r=341

Modified:
 /trunk/CHANGES.txt
 /trunk/file.c

=======================================
--- /trunk/CHANGES.txt  Tue Mar 22 03:09:08 2011
+++ /trunk/CHANGES.txt  Tue Mar 22 14:55:02 2011
@@ -28,6 +28,8 @@

 * AIX: Fix the M/Monit heartbeat. Thanks to Helen Chen for report.

+* Support symbolic link to monit configuration file.
+


 Version 5.2.4
=======================================
--- /trunk/file.c       Wed Jan 19 10:40:32 2011
+++ /trunk/file.c       Tue Mar 22 14:55:02 2011
@@ -305,8 +305,7 @@
 /**
  * Security check for files. The files must have the same uid as the
  * REAL uid of this process, it must have permissions no greater than
- * "maxpermission" and it must not be a symbolic link.  We check these
- * conditions here.
+ * "maxpermission".
  * @param filename The filename of the checked file
  * @param description The description of the checked file
  * @param permmask The permission mask for the file
@@ -319,24 +318,16 @@
   ASSERT(filename);
   ASSERT(description);

-  if(lstat(filename, &buf) < 0) {
-    LogError("%s: Cannot stat the %s '%s' -- %s\n",
-       prog, description, filename, STRERROR);
+  if(stat(filename, &buf) < 0) {

+ LogError("%s: Cannot stat the %s '%s' -- %s\n", prog, description,filename, STRERROR);

     return FALSE;
   }
-  if(S_ISLNK(buf.st_mode)) {
-    LogError("%s: The %s '%s' must not be a symbolic link.\n",
-       prog, description, filename);
-    return(FALSE);
-  }
   if(!S_ISREG(buf.st_mode)) {
-    LogError("%s: The %s '%s' is not a regular file.\n",
-       prog, description,  filename);

+ LogError("%s: The %s '%s' is not a regular file.\n", prog,description, filename);

     return FALSE;
   }
   if(buf.st_uid != geteuid())  {
-    LogError("%s: The %s '%s' must be owned by you.\n",
-       prog, description, filename);

+ LogError("%s: The %s '%s' must be owned by you.\n", prog, description,filename);

     return FALSE;
   }
   if((buf.st_mode & 0777 ) & ~permmask) {

[Prev in Thread]

Current Thread

[Next in Thread]

[monit-dev] [monit] r341 committed - Fix fogbugz #46 (A symbolic link should be allowed for the control fil..., monit <=

Prev by Date: [monit-dev] [monit] r340 committed - * Fix Debian #617259: symbolic links in the filesystem check doesn't w...
Next by Date: [monit-dev] [monit] r342 committed - * Try harder to get FQDN hostname for the host where monit is running....
Previous by thread: [monit-dev] [monit] r340 committed - * Fix Debian #617259: symbolic links in the filesystem check doesn't w...
Next by thread: [monit-dev] [monit] r342 committed - * Try harder to get FQDN hostname for the host where monit is running....
Index(es):
- Date
- Thread