fixed: security vulnerability in 'ln' winix function

a user could create a hardlink to any file and the new link 
       had user_id, group_id and permissions the same as for new generated files,
       this allowes to overwrite any existing file in the filesystem,
       now user_id, group_id, permissions are the same as from the oryginal file



git-svn-id: svn://ttmath.org/publicrep/winix/trunk@941 e52654a7-88a9-db11-a3e9-0013d4bc506e

core/dirs.cpp

@@ -517,7 +517,11 @@ void Dirs::CopyDirTab(const std::vector<Item*> & in, std::vector<Item*> & out)
 
 
 
-
+/*
+	!! IMPROVE ME
+	may dir_tab can be empty when link_to is not relative?
+	and now the algorith doesn't check if link_to is not relative (it only uses dir_tab)
+*/
 bool Dirs::AnalyzeDir(std::vector<Item*> & dir_tab, const std::wstring & link_to, size_t & i)
 {
 	size_t old_i;

core/item.h

@@ -2,7 +2,7 @@
  * This file is a part of Winix
  * and is not publicly distributed
  * 
- * Copyright (c) 2008-2012, Tomasz Sowa
+ * Copyright (c) 2008-2013, Tomasz Sowa
  * All rights reserved.
  * 
  */
@@ -76,7 +76,7 @@ struct Item
 
 	// used when type is symlink or to a directory too (function 'default')
 	std::wstring link_to;
-	int link_redirect;
+	int link_redirect; // !! IMPROVE ME should it be 'bool'?
 
 
 	// static file (if exists)

core/system.cpp

@@ -1207,6 +1207,8 @@ int System::FollowAllLinks(const std::vector<Item*> & current_dir_tab, const std
 		}
 		else
 		{
+			// !! CHECK ME
+			// FollowLink is using link_to_temp temporary variable too
 			res = FollowLink(current_dir_tab, link_to_temp, out_dir_tab, out_item);
 			link_to_temp.clear();