From 82e370b360798dcc8cdf41f68744788e503bb8a2 Mon Sep 17 00:00:00 2001
From: "Jay Freeman (saurik)" <saurik@saurik.com>
Date: Sat, 25 Oct 2014 05:24:11 -0700
Subject: Carefully set NSFileProtectionNone inside of /var.

---
 postinst.mm | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'postinst.mm')

diff --git a/postinst.mm b/postinst.mm
index 405b317..bbef4c8 100644
--- a/postinst.mm
+++ b/postinst.mm
@@ -24,6 +24,17 @@ void Finish(const char *finish) {
     fclose(fout);
 }
 
+static bool FixProtections() {
+    for (const char *path : (const char *[]) {"/var/lib", "/var/cache", "/var/stash"}) {
+        mkdir(path, 0755);
+        if (system([[NSString stringWithFormat:@"/usr/libexec/cydia/setnsfpn %s", path] UTF8String]) != 0) {
+            fprintf(stderr, "failed to setnsfpn %s\n", path);
+            return false;
+        }
+    }
+    return true;
+}
+
 static void FixPermissions() {
     DIR *stash(opendir("/var/stash"));
     if (stash == NULL)
@@ -125,6 +136,10 @@ int main(int argc, const char *argv[]) {
 
     NSAutoreleasePool *pool([[NSAutoreleasePool alloc] init]);
 
+    if (kCFCoreFoundationVersionNumber >= 1000)
+        if (!FixProtections())
+            return 1;
+
     size_t size;
     sysctlbyname("kern.osversion", NULL, &size, NULL, 0);
     char *osversion = new char[size];
-- 
cgit v1.2.3