view previous-work/more_control_helpers/lib/install @ 20:c75924bd38e3

fix security hole relating to path for package user.
author Robert McIntyre <rlm@mit.edu>
date Thu, 10 Jan 2013 04:25:17 +0000
parents d6bef198ae71
children
line wrap: on
line source
1 #!/bin/bash
2 # Copyright (c) 2000,2004 Matthias S. Benkmann <article AT winterdrache DOT de>
3 # You may do everything with this code except misrepresent its origin.
4 # PROVIDED `AS IS' WITH ABSOLUTELY NO WARRANTY OF ANY KIND!
6 manpagesowner=man-pages
7 localedir=/usr/share/locale
8 cmdline="$@"
10 DAISY_CHAIN=""
12 for p in $(type -ap install) ; do
13 if [ ! $p -ef $0 ]; then DAISY_CHAIN=$p ; break ; fi
14 done
16 if [ ! -n "$DAISY_CHAIN" ]; then
17 echo Cannot find real ${0##*/} command
18 exit 1
19 fi
21 if [ $UID == 0 ]; then
22 exec $DAISY_CHAIN "$@"
23 fi
25 #kill unused -c parameter if we get it
26 if [ z"$1" = z"-c" ]; then shift 1 ; fi
28 #********** test if we create directories ********************
29 if [ \( z"$1" = z"-d" \) -o \( z"$1" = z"-m" -a z"$3" = z"-d" \) ]; then
30 locdirs=""
31 notify=0
32 havedir=0
33 for((i=$#; $i>0; ))
34 do
35 a="$1"
36 shift 1; i=$(($i-1))
37 case "$a" in
38 -o|-g|--owner|--group) notify=1
39 shift 1; i=$(($i-1))
40 set -- "$@"
41 ;;
42 $localedir/*) if [ ! -d "$a" ]; then
43 locdirs="$locdirs ""`expr $a : "$localedir/\(.*\)"`"
44 set -- "$@" "$a"
45 havedir=1
46 else
47 notify=1
48 set -- "$@"
49 fi
50 ;;
51 */*|/sbin) if [ ! -d "$a" ]; then
52 set -- "$@" "$a"
53 havedir=1
54 else
55 notify=1
56 set -- "$@"
57 fi
58 ;;
59 *) set -- "$@" "$a" ;;
60 esac
61 done
63 test $notify -eq 1 -o z"$locdirs" != z && \
64 echo 1>&2 '***' install "$cmdline"
66 test $havedir -eq 0 && exit 0
68 $DAISY_CHAIN "$@" || exit $?
70 test z"$locdirs" != z &&
71 for dir in $locdirs ; do
72 cumuldir=""
73 for d in `echo $locdirs | sed 's#/# #g' -` ; do
74 cumuldir=$cumuldir$d/
75 if [ -d $localedir/$cumuldir ]; then
76 chgrp install $localedir/$cumuldir
77 chmod g+w,o+t $localedir/$cumuldir
78 fi
79 done
80 done
82 else #if "$1" != "-d" ,i.e. we do not create directories *****************
83 notify=0
84 for((i=$# ; $i>0; ))
85 do
86 a="$1"
87 shift 1; i=$(($i-1))
88 case "$a" in
89 -m) set -- "$@" "$a"
90 a="$1"
91 shift 1; i=$(($i-1))
92 case "$a" in
93 4755) notify=1 ; set -- "$@" "755" ;;
94 4775) notify=1 ; set -- "$@" "755" ;;
95 4711) notify=1 ; set -- "$@" "711" ;;
96 *) set -- "$@" "$a" ;;
97 esac
98 ;;
99 -m4755) notify=1 ; set -- "$@" "-m755" ;;
100 -m4775) notify=1 ; set -- "$@" "-m755" ;;
101 -m4711) notify=1 ; set -- "$@" "-m711" ;;
102 -o|-g|--owner|--group) notify=1
103 shift 1; i=$(($i-1))
104 set -- "$@"
105 ;;
106 */man/man?/*)
107 if [ -e "$a" -a ! -O "$a" ]; then
108 if [ `find "$a" -printf \%u` = $manpagesowner ]; then
109 notify=1
110 set -- "$@" not_installed
111 else
112 set -- "$@" "$a"
113 fi
114 else
115 set -- "$@" "$a"
116 fi
117 ;;
118 *) set -- "$@" "$a" ;;
119 esac
120 done
122 test $notify -eq 1 && echo 1>&2 '***' install "$cmdline"
124 $DAISY_CHAIN "$@" || exit $?
125 fi
127 exit 0