From 0940230dd6710ff5b555bed8be3d75ae0d150a08 Mon Sep 17 00:00:00 2001
From: David Kalnischkies <david@kalnischkies.de>
Date: Fri, 9 Oct 2015 22:25:13 +0200
Subject: drop privileges in file:// method as we do for decompressors

We drop it in decompressors, which are the natural next step, so if an
archive is used which isn't worldreadable (= not accessible by _apt) it
doesn't work anyway, so we just fail a bit earlier now and avoid all the
bad things which can happen over file (which could very well still be a
network resourc via NFS mounts or similar stuff, so hardly as safe as
the name might suggest at first).
---
 methods/file.cc | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

(limited to 'methods/file.cc')

diff --git a/methods/file.cc b/methods/file.cc
index 40e85bce5..b689de619 100644
--- a/methods/file.cc
+++ b/methods/file.cc
@@ -31,11 +31,21 @@
 class FileMethod : public pkgAcqMethod
 {
    virtual bool Fetch(FetchItem *Itm) APT_OVERRIDE;
-   
+   virtual bool Configuration(std::string Message) APT_OVERRIDE;
+
    public:
-   
+
    FileMethod() : pkgAcqMethod("1.0",SingleInstance | SendConfig | LocalOnly) {};
 };
+bool FileMethod::Configuration(std::string Message)
+{
+   if (pkgAcqMethod::Configuration(Message) == false)
+      return false;
+
+   DropPrivsOrDie();
+
+   return true;
+}
 
 // FileMethod::Fetch - Fetch a file					/*{{{*/
 // ---------------------------------------------------------------------
-- 
cgit v1.2.3