fixed: security vulnerability in 'ln' winix function

a user could create a hardlink to any file and the new link had user_id, group_id and permissions the same as for new generated files, this allowes to overwrite any existing file in the filesystem, now user_id, group_id, permissions are the same as from the oryginal file git-svn-id: svn://ttmath.org/publicrep/winix/trunk@941 e52654a7-88a9-db11-a3e9-0013d4bc506e
2013-12-03 12:33:41 +00:00
parent 375604edd6
commit c04874397b
6 changed files with 82 additions and 35 deletions
--- a/core/item.h
+++ b/core/item.h
@@ -2,7 +2,7 @@
 * This file is a part of Winix
 * and is not publicly distributed
 * 
- * Copyright (c) 2008-2012, Tomasz Sowa
+ * Copyright (c) 2008-2013, Tomasz Sowa
 * All rights reserved.
 * 
 */
@@ -76,7 +76,7 @@ struct Item

 	// used when type is symlink or to a directory too (function 'default')
 	std::wstring link_to;
-	int link_redirect;
+	int link_redirect; // !! IMPROVE ME should it be 'bool'?


 	// static file (if exists)