trash portal: Fix permission checks

Implement the approach suggested in https://gitlab.gnome.org/GNOME/glib/merge_requests/276 1. Try to open O_RDWR. On success, pass that fd 2. If EACCESS => fail the trash op, we "need" read-write to successfully trash it 3. If EISDIR => re-open the fd with O_PATH, and pass that (which will fail on snap, but verify the dir for flatpaks)
author: Matthias Clasen <mclasen@redhat.com> 2019-03-04 19:47:11 +0000
committer: Philip Withnall <philip@tecnocode.co.uk> 2019-03-04 19:47:11 +0000
commit: 147ac51f902fc2a6b6e98e823ea0bf7058ce0f8d (patch)
tree: 83ce0a3517135eed8e44550c625cb406f63d8756 /gio/gtrashportal.c
parent: 7fa9a2a5da3b925191f401825f64df17ba0492bc (diff)
download: glib-147ac51f902fc2a6b6e98e823ea0bf7058ce0f8d.tar.gz
1 files changed, 7 insertions, 3 deletions
diff --git a/gio/gtrashportal.c b/gio/gtrashportal.c
index a1e82102b..b6aca37a6 100644
--- a/gio/gtrashportal.c
+++ b/gio/gtrashportal.c
@@ -37,6 +37,10 @@
 #define HAVE_O_CLOEXEC 1
 #endif
 
+#ifndef O_PATH
+#define O_PATH 0
+#endif
+
 static GXdpTrash *
 ensure_trash_portal (void)
 {
@@ -83,9 +87,9 @@ g_trash_portal_trash_file (GFile   *file,
   path = g_file_get_path (file);
 
   fd = g_open (path, O_RDWR | O_CLOEXEC);
-  if (fd == -1 && (errno == EACCES || errno == EISDIR))
-    /* If we don't have write access, fall back to read-only */
-    fd = g_open (path, O_CLOEXEC | O_RDONLY);
+  if (fd == -1 && errno == EISDIR)
+    /* If it is a directory, fall back to O_PATH */
+    fd = g_open (path, O_PATH | O_CLOEXEC | O_RDONLY);
 
   errsv = errno;
author	Matthias Clasen <mclasen@redhat.com>	2019-03-04 19:47:11 +0000
committer	Philip Withnall <philip@tecnocode.co.uk>	2019-03-04 19:47:11 +0000
commit	147ac51f902fc2a6b6e98e823ea0bf7058ce0f8d (patch)
tree	83ce0a3517135eed8e44550c625cb406f63d8756 /gio/gtrashportal.c
parent	7fa9a2a5da3b925191f401825f64df17ba0492bc (diff)
download	glib-147ac51f902fc2a6b6e98e823ea0bf7058ce0f8d.tar.gz