From 147ac51f902fc2a6b6e98e823ea0bf7058ce0f8d Mon Sep 17 00:00:00 2001 From: Matthias Clasen Date: Mon, 4 Mar 2019 19:47:11 +0000 Subject: [PATCH] trash portal: Fix permission checks Implement the approach suggested in https://gitlab.gnome.org/GNOME/glib/merge_requests/276 1. Try to open O_RDWR. On success, pass that fd 2. If EACCESS => fail the trash op, we "need" read-write to successfully trash it 3. If EISDIR => re-open the fd with O_PATH, and pass that (which will fail on snap, but verify the dir for flatpaks) --- gio/gtrashportal.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/gio/gtrashportal.c b/gio/gtrashportal.c index a1e82102b..b6aca37a6 100644 --- a/gio/gtrashportal.c +++ b/gio/gtrashportal.c @@ -37,6 +37,10 @@ #define HAVE_O_CLOEXEC 1 #endif +#ifndef O_PATH +#define O_PATH 0 +#endif + static GXdpTrash * ensure_trash_portal (void) { @@ -83,9 +87,9 @@ g_trash_portal_trash_file (GFile *file, path = g_file_get_path (file); fd = g_open (path, O_RDWR | O_CLOEXEC); - if (fd == -1 && (errno == EACCES || errno == EISDIR)) - /* If we don't have write access, fall back to read-only */ - fd = g_open (path, O_CLOEXEC | O_RDONLY); + if (fd == -1 && errno == EISDIR) + /* If it is a directory, fall back to O_PATH */ + fd = g_open (path, O_PATH | O_CLOEXEC | O_RDONLY); errsv = errno;