in xar/XarExecFuse.cpp [82:107]
void check_file_sanity(
const std::string& path,
enum Expectation expected,
mode_t perms) {
struct stat st;
XAR_PCHECK_SIMPLE(stat(path.c_str(), &st) == 0);
if (st.st_uid != geteuid()) {
XAR_FATAL << "Invalid owner of " << path;
}
// Verify the directory is owned by one of the groups the user is in.
if (st.st_gid != getegid() && !tools::xar::is_user_in_group(st.st_gid)) {
XAR_FATAL << "Invalid group of " << path;
}
if (expected == Expectation::Directory && !S_ISDIR(st.st_mode)) {
XAR_FATAL << "Should be a directory: " << path;
}
if (expected == Expectation::File && !S_ISREG(st.st_mode)) {
XAR_FATAL << "Should be a normal file: " << path;
}
if ((st.st_mode & 07777) != perms) {
XAR_FATAL << "Invalid permissions on " << path << ", expected " << std::oct
<< perms << ", got " << (st.st_mode & 07777);
}
}