[pulseaudio-tickets] [Bug 45656] lacks handling of (not-so-)special cases in pa_make_secure_dir()

Mon May 16 20:28:55 UTC 2016

https://bugs.freedesktop.org/show_bug.cgi?id=45656

--- Comment #12 from Marc Mengel <mengel at fnal.gov> ---

I'll pile on here, for the moment; there's one other related issue; 
I've recently ended up on a new configured-to-be-ultra-secure(?) 
shared NFS home area where I cannot change group ownership.
(it's actually kerberos nfs4 ACL's, and thus they want the group 
permissions turned off...) 

Now pulseaudio complains that it cannot make a secure directory,
because it tries to chgrp it, and that fails.  The funny thing is,
it makes it mode 0700, so the group ownership is moot anyhow.

So I propose the following:
*** ./src/pulsecore/core-util.c.orig    2016-05-16 15:13:39.281228492 -0500
--- ./src/pulsecore/core-util.c 2016-05-16 14:39:39.193214811 -0500
***************
*** 268,274 ****
  #ifndef OS_IS_WIN32
      if (!S_ISDIR(st.st_mode) ||
          (st.st_uid != uid) ||
!         (st.st_gid != gid) || 
          ((st.st_mode & 0777) != m)) {
          errno = EACCES;
          goto fail;
--- 268,275 ----
  #ifndef OS_IS_WIN32
      if (!S_ISDIR(st.st_mode) ||
          (st.st_uid != uid) ||
!          /* we only care about gid if its being used... */
!         (st.st_gid != gid && st.st_mode & 070 != 0) || 
          ((st.st_mode & 0777) != m)) {
          errno = EACCES;
          goto fail;

This works great for me; basically we don't check the group ownership
if the group bits are turned off in the mode; and voila, lovely audio again.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/pulseaudio-bugs/attachments/20160516/4934c2bd/attachment.html>