diff options
author | Matthias Clasen <mclasen@redhat.com> | 2019-03-04 19:47:11 +0000 |
---|---|---|
committer | Philip Withnall <philip@tecnocode.co.uk> | 2019-03-04 19:47:11 +0000 |
commit | 147ac51f902fc2a6b6e98e823ea0bf7058ce0f8d (patch) | |
tree | 83ce0a3517135eed8e44550c625cb406f63d8756 /gio/gtrashportal.c | |
parent | 7fa9a2a5da3b925191f401825f64df17ba0492bc (diff) | |
download | glib-147ac51f902fc2a6b6e98e823ea0bf7058ce0f8d.tar.gz |
trash portal: Fix permission checks
Implement the approach suggested in
https://gitlab.gnome.org/GNOME/glib/merge_requests/276
1. Try to open O_RDWR. On success, pass that fd
2. If EACCESS => fail the trash op, we "need" read-write to successfully trash it
3. If EISDIR => re-open the fd with O_PATH, and pass that (which will fail on snap,
but verify the dir for flatpaks)
Diffstat (limited to 'gio/gtrashportal.c')
-rw-r--r-- | gio/gtrashportal.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/gio/gtrashportal.c b/gio/gtrashportal.c index a1e82102b..b6aca37a6 100644 --- a/gio/gtrashportal.c +++ b/gio/gtrashportal.c @@ -37,6 +37,10 @@ #define HAVE_O_CLOEXEC 1 #endif +#ifndef O_PATH +#define O_PATH 0 +#endif + static GXdpTrash * ensure_trash_portal (void) { @@ -83,9 +87,9 @@ g_trash_portal_trash_file (GFile *file, path = g_file_get_path (file); fd = g_open (path, O_RDWR | O_CLOEXEC); - if (fd == -1 && (errno == EACCES || errno == EISDIR)) - /* If we don't have write access, fall back to read-only */ - fd = g_open (path, O_CLOEXEC | O_RDONLY); + if (fd == -1 && errno == EISDIR) + /* If it is a directory, fall back to O_PATH */ + fd = g_open (path, O_PATH | O_CLOEXEC | O_RDONLY); errsv = errno; |