diff options
author | piaip <piaip@63ad8ddf-47c3-0310-b6dd-a9e9d9715204> | 2014-02-07 21:30:56 +0800 |
---|---|---|
committer | piaip <piaip@63ad8ddf-47c3-0310-b6dd-a9e9d9715204> | 2014-02-07 21:30:56 +0800 |
commit | 65d41b33aced6988791d2d9a87f305beecf0d3da (patch) | |
tree | dc92b94a0e572ddfe59221de161ab33738ed7328 | |
parent | b6f5486a753ef392836b25b0d8013a4046a63597 (diff) | |
download | pttbbs-65d41b33aced6988791d2d9a87f305beecf0d3da.tar pttbbs-65d41b33aced6988791d2d9a87f305beecf0d3da.tar.gz pttbbs-65d41b33aced6988791d2d9a87f305beecf0d3da.tar.bz2 pttbbs-65d41b33aced6988791d2d9a87f305beecf0d3da.tar.lz pttbbs-65d41b33aced6988791d2d9a87f305beecf0d3da.tar.xz pttbbs-65d41b33aced6988791d2d9a87f305beecf0d3da.tar.zst pttbbs-65d41b33aced6988791d2d9a87f305beecf0d3da.zip |
Prevent people entering board symlinks and incorrectly set its targets (without
permission).
git-svn-id: http://opensvn.csie.org/pttbbs/trunk@5918 63ad8ddf-47c3-0310-b6dd-a9e9d9715204
-rw-r--r-- | pttbbs/mbbsd/board.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/pttbbs/mbbsd/board.c b/pttbbs/mbbsd/board.c index cd9b4df3..b6dc566f 100644 --- a/pttbbs/mbbsd/board.c +++ b/pttbbs/mbbsd/board.c @@ -1154,8 +1154,9 @@ load_boards(char *key) continue; if (bptr->brdattr & BRD_SYMBOLIC) { - /* Only SYSOP knows a board is a link or not. */ - if (HasUserPerm(PERM_SYSOP) || HasUserPerm(PERM_SYSSUPERSUBOP)) + /* Let group ops know this is a symlink. */ + if (HasUserPerm(PERM_SYSOP) || HasUserPerm(PERM_SYSSUPERSUBOP) + || GROUPOP()) state |= NBRD_SYMBOLIC; else { bid = BRD_LINK_TARGET(bptr); @@ -1545,6 +1546,7 @@ static void replace_link_by_target(boardstat_t *board) board->bid = BRD_LINK_TARGET(getbcache(board->bid)); board->myattr &= ~NBRD_SYMBOLIC; } + static int paste_taged_brds(int gid) { @@ -1888,6 +1890,10 @@ choose_board(int newflag) assert(0<=num && num<nbrdsize); ptr = &nbrd[num]; if (ptr->myattr & NBRD_SYMBOLIC) { + if (GROUPOP() && !HasUserPerm(PERM_SYSOP)) { + vmsg("此為看板連結。為避免設定錯誤,您無法由此直接進入看板。"); + break; + } replace_link_by_target(ptr); } } |