Mac sandbox: Don't check permissions of project-created subdirectories under project or slot directories

svn path=/trunk/boinc/; revision=25254
This commit is contained in:
Charlie Fenton 2012-02-14 05:56:09 +00:00
parent 2e820426ca
commit 505fdf703a
2 changed files with 23 additions and 3 deletions

View File

@ -1661,3 +1661,12 @@ Charlie 13 Feb 2012
skin.xml
Charity Engine/
skin.xml
Charlie 13 Feb 2012
- Mac sandbox: In initial permissions check when launching Manager or Client,
don't check project-created subdirectories under project or slot
directories because we have not told projects these must be readable and
executable by group.
client/
check_security.cpp

View File

@ -513,8 +513,14 @@ static int CheckNestedDirectories(char * basepath, int depth,
static int errShown = 0;
dirp = opendir(basepath);
if (dirp == NULL) // Should never happen
retval = -1200;
if (dirp == NULL) { // Should never happen
strlcpy(full_path, basepath, sizeof(full_path));
if ((depth > 1) && (errno == EACCES)) {
return 0;
} else {
retval = -1200;
}
}
while (dirp) { // Skip this if dirp == NULL, else loop until break
dp = readdir(dirp);
@ -586,7 +592,10 @@ static int CheckNestedDirectories(char * basepath, int depth,
if (isDirectory && !S_ISLNK(sbuf.st_mode)) {
if (use_sandbox && (depth > 1)) {
#if 0 // No longer check project-created subdirectories under project or slot directories
// because we have not told projects these must be readable and executable by group
if ((! isManager) && (sbuf.st_uid != boinc_master_uid))
#endif
continue; // Client can't check subdirectories owned by boinc_project
}
retval = CheckNestedDirectories(full_path, depth + 1, use_sandbox, isManager, path_to_error);
@ -596,7 +605,9 @@ static int CheckNestedDirectories(char * basepath, int depth,
} // End while (true)
closedir(dirp);
if (dirp) {
closedir(dirp);
}
if (retval && !errShown) {
fprintf(stderr, "Permissions error %d at %s\n", retval, full_path);