summaryrefslogtreecommitdiff
path: root/apt-pkg/contrib/fileutl.cc
diff options
context:
space:
mode:
authorMichael Vogt <michael.vogt@ubuntu.com>2008-05-28 14:05:04 +0200
committerMichael Vogt <michael.vogt@ubuntu.com>2008-05-28 14:05:04 +0200
commitbe993931c56d0d435e03c80f3afcc31714aec1ba (patch)
treed66129b286dc9896506390d92823697c29133724 /apt-pkg/contrib/fileutl.cc
parentfc2d32c089f035955c81100f2ded7c3f66793dc3 (diff)
parent7822f141da0200d52d166d6569129e3350016955 (diff)
merged from the debian-sid branch
Diffstat (limited to 'apt-pkg/contrib/fileutl.cc')
-rw-r--r--apt-pkg/contrib/fileutl.cc4
1 files changed, 3 insertions, 1 deletions
diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc
index 2b7e25080..a5976cf3a 100644
--- a/apt-pkg/contrib/fileutl.cc
+++ b/apt-pkg/contrib/fileutl.cc
@@ -138,7 +138,9 @@ bool CopyFile(FileFd &From,FileFd &To)
close at some time. */
int GetLock(string File,bool Errors)
{
- int FD = open(File.c_str(),O_RDWR | O_CREAT | O_TRUNC,0640);
+ // GetLock() is used in aptitude on directories with public-write access
+ // Use O_NOFOLLOW here to prevent symlink traversal attacks
+ int FD = open(File.c_str(),O_RDWR | O_CREAT | O_NOFOLLOW,0640);
if (FD < 0)
{
// Read only .. cant have locking problems there.