git.ipfire.org Git - thirdparty/libvirt.git/commit

author	Eric Blake <eblake@redhat.com>
	Fri, 18 Mar 2011 20:41:13 +0000 (14:41 -0600)
committer	Eric Blake <eblake@redhat.com>
	Thu, 24 Mar 2011 21:18:44 +0000 (15:18 -0600)
commit	391c397e48ac6cefcc065c75236c1ef7d3a152e2
tree	9339f4297013702cd0ea1fcfcaeb998ad2f7aa59	tree \| snapshot
parent	d1c8c8d4386a76c89d50e89b5a9ec1eb59c8f364	commit \| diff

maint: prohibit access(,X_OK)

This simplifies several callers that were repeating checks already
guaranteed by util.c, and makes other callers more robust to now
reject directories. remote_driver.c was over-strict - access(,R_OK)
is only needed to execute a script file; a binary only needs
access(,X_OK) (besides, it's unusual to see a file with x but not
r permissions, whether script or binary).

* cfg.mk (sc_prohibit_access_xok): New syntax-check rule.
(exclude_file_name_regexp--sc_prohibit_access_xok): Exempt one use.
* src/network/bridge_driver.c (networkStartRadvd): Fix offenders.
* src/qemu/qemu_capabilities.c (qemuCapsProbeMachineTypes)
(qemuCapsInitGuest, qemuCapsInit, qemuCapsExtractVersionInfo):
Likewise.
* src/remote/remote_driver.c (remoteFindDaemonPath): Likewise.
* src/uml/uml_driver.c (umlStartVMDaemon): Likewise.
* src/util/hooks.c (virHookCheck): Likewise.

cfg.mk		diff \| blob \| blame \| history
src/network/bridge_driver.c		diff \| blob \| blame \| history
src/qemu/qemu_capabilities.c		diff \| blob \| blame \| history
src/remote/remote_driver.c		diff \| blob \| blame \| history
src/uml/uml_driver.c		diff \| blob \| blame \| history
src/util/hooks.c		diff \| blob \| blame \| history