From a2c94a7b83b70f7745dcc35ef145774d7906ad35 Mon Sep 17 00:00:00 2001
From: Charlie Fenton <charlief@example.com>
Date: Wed, 15 Feb 2012 00:00:06 +0000
Subject: [PATCH] Mac sandbox: Don't check permissions of project-created
 subdirectories under project or slot directories

svn path=/trunk/boinc/; revision=25261
---
 client/check_security.cpp | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/client/check_security.cpp b/client/check_security.cpp
index 0e9d859977..e9daee3ec1 100644
--- a/client/check_security.cpp
+++ b/client/check_security.cpp
@@ -513,7 +513,12 @@ static int CheckNestedDirectories(char * basepath, int depth,
     static int      errShown = 0;
 
     dirp = opendir(basepath);
-    if (dirp == NULL) {           // Should never happen
+    if (dirp == NULL) {
+        // Ideally, all project-created subdirectories under project or slot 
+        // directoriesshould have read-by-group and execute-by-group permission 
+        // bits set, but some don't.  If these permission bits are missing, the 
+        // project applications will run OK but we can't access the contents of 
+        // the subdirectory to check them.
         strlcpy(full_path, basepath, sizeof(full_path));
         if ((depth > 1) && (errno == EACCES)) {
             return 0;
@@ -521,7 +526,7 @@ static int CheckNestedDirectories(char * basepath, int depth,
             retval = -1200;
         }
     }
-    
+
     while (dirp) {              // Skip this if dirp == NULL, else loop until break
         dp = readdir(dirp);
         if (dp == NULL)