23fb2f
diff -up lockdev-scm-2011-10-07/src/lockdev.c.access lockdev-scm-2011-10-07/src/lockdev.c
23fb2f
--- lockdev-scm-2011-10-07/src/lockdev.c.access	2011-07-22 09:37:10.000000000 +0200
23fb2f
+++ lockdev-scm-2011-10-07/src/lockdev.c	2013-12-05 11:56:57.836961642 +0100
23fb2f
@@ -95,6 +95,10 @@
23fb2f
  *
23fb2f
  */
23fb2f
 
23fb2f
+#ifndef _GNU_SOURCE
23fb2f
+   #define _GNU_SOURCE
23fb2f
+#endif
23fb2f
+
23fb2f
 #include <errno.h>
23fb2f
 #include <signal.h>
23fb2f
 #include <stdio.h>
23fb2f
@@ -125,6 +125,10 @@
23fb2f
 #include "lockdev.h"
23fb2f
 #include "ttylock.h"
23fb2f
 
23fb2f
+#ifndef LOCKDEV_ACCESS
23fb2f
+#define LOCKDEV_ACCESS  euidaccess
23fb2f
+#endif
23fb2f
+
23fb2f
 #define	LOCKDEV_PATH	SBINDIR "/lockdev"
23fb2f
 
23fb2f
 /*
23fb2f
@@ -616,7 +620,10 @@ dev_lock (const char *devname)
23fb2f
 	if ( stat( device, &statbuf) == -1 ) {
23fb2f
 		close_n_return(-errno);
23fb2f
 	}
23fb2f
-	if ( access( device, W_OK ) == -1 ) {
23fb2f
+	/* check that the caller has write permission to the device
23fb2f
+	 * to prevent denial-of-service attack by unauthorized users
23fb2f
+	 */
23fb2f
+	if ( LOCKDEV_ACCESS( device, W_OK ) == -1 ) {
23fb2f
 		close_n_return(-errno);
23fb2f
 	}
23fb2f
 
23fb2f
@@ -780,7 +787,10 @@ dev_relock (const char  *devname,
23fb2f
 	if ( stat( device, &statbuf) == -1 ) {
23fb2f
 		close_n_return(-errno);
23fb2f
 	}
23fb2f
-	if ( access( device, W_OK ) == -1 ) {
23fb2f
+	/* check that the caller has write permission to the device
23fb2f
+	 * to prevent denial-of-service attack by unauthorized users
23fb2f
+	 */
23fb2f
+	if ( LOCKDEV_ACCESS( device, W_OK ) == -1 ) {
23fb2f
 		close_n_return(-errno);
23fb2f
 	}
23fb2f
 
23fb2f
@@ -870,7 +880,10 @@ dev_unlock (const char *devname,
23fb2f
 	if ( stat( device, &statbuf) == -1 ) {
23fb2f
 		close_n_return(-errno);
23fb2f
 	}
23fb2f
-	if ( access( device, W_OK ) == -1 ) {
23fb2f
+	/* check that the caller has write permission to the device
23fb2f
+	 * to prevent denial-of-service attack by unauthorized users
23fb2f
+	 */
23fb2f
+	if ( LOCKDEV_ACCESS( device, W_OK ) == -1 ) {
23fb2f
 		close_n_return(-errno);
23fb2f
 	}
23fb2f
 
23fb2f
diff -ru lockdev-save/src/Makefile.am lockdev-scm-2011-10-07/src/Makefile.am
23fb2f
--- lockdev-save/src/Makefile.am	2014-09-18 13:42:00.363741658 +0200
23fb2f
+++ lockdev-scm-2011-10-07/src/Makefile.am	2014-09-18 13:52:10.307868154 +0200
23fb2f
@@ -6,7 +6,6 @@
23fb2f
 AM_CPPFLAGS = -include $(top_builddir)/config.h -DSBINDIR=\"$(sbindir)\"
23fb2f
 
23fb2f
 lockdev_SOURCES = sample.c
23fb2f
-lockdev_LDADD = liblockdev.la
23fb2f
 
23fb2f
 baudboy_SOURCES = baudboy_test.c
23fb2f
 baudboy_LDADD = liblockdev.la
23fb2f
Solo in lockdev-scm-2011-10-07/src: Makefile.in
23fb2f
diff -ru lockdev-save/src/sample.c lockdev-scm-2011-10-07/src/sample.c
23fb2f
--- lockdev-save/src/sample.c	2014-09-18 13:42:00.363741658 +0200
23fb2f
+++ lockdev-scm-2011-10-07/src/sample.c	2014-09-18 14:06:03.769023380 +0200
23fb2f
@@ -6,6 +6,13 @@
23fb2f
 #include <fcntl.h>
23fb2f
 #include "lockdev.h"
23fb2f
 
23fb2f
+/* ttylock functions swap the real/effective uid/gid for us, so
23fb2f
+ * use access instead of euidaccess.
23fb2f
+ */
23fb2f
+#define LOCKDEV_ACCESS access
23fb2f
+#undef TTYLOCK_USE_HELPER
23fb2f
+#include "lockdev.c"
23fb2f
+
23fb2f
 void
23fb2f
 usage (void)
23fb2f
 {
23fb2f
Solo in lockdev-scm-2011-10-07: VERSION