We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
moby
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

pkg/idtools: CanAccess(): reorder checks to allow early return

Merge the accessible() function into CanAccess, and check world-
readable permissions first, before checking owner and group.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Sebastiaan van Stijn 2 years ago
parent
1fccb39316
commit
0fc13104e7
1 changed files with 7 additions and 10 deletions
Unified View Show Diff Stats
  1. 7 10
      pkg/idtools/idtools_unix.go

+ 7 - 10
pkg/idtools/idtools_unix.go
View File 

@@ -90,20 +90,17 @@ func CanAccess(path string, pair Identity) bool {
 
 	if err != nil {
 
 	if err != nil {
 
 		return false
 
 		return false
 
 	}
 
 	}
 
-	fileMode := os.FileMode(statInfo.Mode())
 
-	permBits := fileMode.Perm()
 
-	return accessible(statInfo.UID() == uint32(pair.UID),
 
-		statInfo.GID() == uint32(pair.GID), permBits)
 
-}
 
-
 
-func accessible(isOwner, isGroup bool, perms os.FileMode) bool {
 
-	if isOwner && (perms&0100 == 0100) {
 
+	perms := os.FileMode(statInfo.Mode()).Perm()
 
+	if perms&0o001 == 0o001 {
 
+		// world access
 
 		return true
 
 		return true
 
 	}
 
 	}
 
-	if isGroup && (perms&0010 == 0010) {
 
+	if statInfo.UID() == uint32(pair.UID) && (perms&0o100 == 0o100) {
 
+		// owner access.
 
 		return true
 
 		return true
 
 	}
 
 	}
 
-	if perms&0001 == 0001 {
 
+	if statInfo.GID() == uint32(pair.GID) && (perms&0o010 == 0o010) {
 
+		// group access.
 
 		return true
 
 		return true
 
 	}
 
 	}
 
 	return false
 
 	return false

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5