diff options
author | Max Kellermann <max@duempel.org> | 2012-03-06 22:01:24 +0100 |
---|---|---|
committer | Max Kellermann <max@duempel.org> | 2012-03-06 22:10:54 +0100 |
commit | 1e60a4386a78ed16fc3fdf99c1f398b607178804 (patch) | |
tree | d0a7153adfb1869449141ca2c96b8d70561f8656 /src/client_file.c | |
parent | e9f1b53ae6819170ea06f4347a2c5c631044c1f3 (diff) | |
download | mpd-1e60a4386a78ed16fc3fdf99c1f398b607178804.tar.gz mpd-1e60a4386a78ed16fc3fdf99c1f398b607178804.tar.xz mpd-1e60a4386a78ed16fc3fdf99c1f398b607178804.zip |
playlist_edit: move UID check to client_allow_file()
Diffstat (limited to 'src/client_file.c')
-rw-r--r-- | src/client_file.c | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/src/client_file.c b/src/client_file.c new file mode 100644 index 000000000..e2d315701 --- /dev/null +++ b/src/client_file.c @@ -0,0 +1,65 @@ +/* + * Copyright (C) 2003-2012 The Music Player Daemon Project + * http://www.musicpd.org + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "client_file.h" +#include "client.h" +#include "ack.h" + +#include <sys/stat.h> +#include <sys/types.h> +#include <errno.h> +#include <unistd.h> + +bool +client_allow_file(const struct client *client, const char *path_fs, + GError **error_r) +{ +#ifdef WIN32 + (void)client; + (void)path_fs; + + g_set_error(error_r, ack_quark(), ACK_ERROR_PERMISSION, + "Access denied"); + return false; +#else + const int uid = client_get_uid(client); + if (uid <= 0) { + /* unauthenticated client */ + g_set_error(error_r, ack_quark(), ACK_ERROR_PERMISSION, + "Access denied"); + return false; + } + + struct stat st; + if (stat(path_fs, &st) < 0) { + g_set_error(error_r, g_file_error_quark(), errno, + "%s", g_strerror(errno)); + return false; + } + + if (st.st_uid != (uid_t)uid && (st.st_mode & 0444) != 0444) { + /* client is not owner */ + g_set_error(error_r, ack_quark(), ACK_ERROR_PERMISSION, + "Access denied"); + return false; + } + + return true; +#endif +} |