On 2013-04-06 18:33, Michael Stapelberg wrote: > Hi Niels, > > [...] > Okay, so how about this? > > sub check_init_script { > my ($pkg, $info, $file) = @_; > > my $lsb_source_seen; > my $path = $info->index ($file); > unless ($path->is_regular_file || > ($path->is_symlink && defined($path->link_resolved))) { > tag 'init-script-is-not-a-file', $file; > } > open(my $fh, '<', $info->unpacked($file)) > or fail "cannot open $file: $!"; > # … > } > > [...]
I thought this was safe, but it does have an issue as well. Consider symlink chaining: safe-symlink -> unsafe-symlink unsafe-symlink -> ../../../../etc/passwd $path->link_resolved will approve "safe-symlink" because it can be resolved safely. However, it does not check that the target is also a safe symlink - so a loop/recursion is needed. That said, using the new "is_ancestor_of" (from L::Util) is probably a lot easier to use correctly. Basically: use Lintian::Util qw(is_ancestor_of); [...] my $unpacked_file = $info->unpacked($file); if ( -f $unpacked_file && is_ancestor_of($info->unpacked, $unpacked_file)) { # exists, is a file and within the package root. open(my $fd, '<', $unpacked_file) or fail "..." [...] } else { # unsafe, is not a file or does not exist [...] } ~Niels -- To UNSUBSCRIBE, email to debian-lint-maint-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/516d82b4.6080...@thykier.net