From 4b89084432f839806bbf86aec6dc9663a9079ba9 Mon Sep 17 00:00:00 2001
From: XeonSquared <redtailedairways@gmail.com>
Date: Fri, 15 Sep 2017 15:58:42 +1000
Subject: [PATCH] can only r/w attributes if you have r/w permissions in the
 attributes

---
 modules/lib/fs.lua | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/modules/lib/fs.lua b/modules/lib/fs.lua
index 235b2ef..c093d40 100644
--- a/modules/lib/fs.lua
+++ b/modules/lib/fs.lua
@@ -3,7 +3,23 @@ do
  local dfsattr = {read = "*", write = "*"}
  local fsattr = {}
  local fT,hT = {},{["_c"]=0}
+ local function parseacl(acl)
+  acl = acl or ""
+  local tacl = {}
+  if acl == "*" then
+   setmetatable(tacl,{__index = function() return true end})
+  else
+   for n in acl:gmatch("[^,]+") do
+    tacl[n] = true
+    log(n)
+   end
+  end
+  return tacl
+ end
  local function getattr(fn,k)
+  if os.getuid() ~= "superuser" then
+   if not parseacl(fsattr[fn].read or "")[os.getuid()] then return false end
+  end
   if fsattr[fn] then
    return fsattr[fn][k]
   else
@@ -12,6 +28,10 @@ do
  end
  local function setattr(fn,k,v)
   if k:find("\t") or v:find("\t") then return false end
+  log(parseacl(getattr(fn,"write"))[os.getuid()])
+  if os.getuid() ~= "superuser" then
+   if not parseacl(getattr(fn,"write"))[os.getuid()] then return false end
+  end
   if not fsattr[fn] then
    fsattr[fn] = {}
    setmetatable(fsattr[fn],{__index=dfsattr})