mirror/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2026-05-14 10:54:29 -04:00
Code Issues Packages Projects Releases Wiki Activity

scanner: flag suspicious permissions also when running as root

Browse Source 
os.access() will always succeed when running as root.
This commit is contained in:
Hans-Christoph Steiner
2025-12-03 16:46:52 +01:00
parent cd33d91e2b
commit b56fd635c6
1 changed files with 3 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
fdroidserver/scanner.py
View File

@@ -966,11 +966,10 @@ def scan_source(build_dir, build=metadata.Build(), json_per_build=None):
path_in_build_dir = os.path.relpath(filepath, build_dir)
if not os.access(filepath, os.R_OK):
st_mode = os.stat(filepath).st_mode
if not os.access(filepath, os.R_OK) or not st_mode & stat.S_IRUSR:
count += handleproblem(
_("suspicious permissions {st_mode:o}").format(
st_mode=os.stat(filepath).st_mode
),
_("suspicious permissions {st_mode:o}").format(st_mode=st_mode),
path_in_build_dir,
filepath,
json_per_build,