Check permissions when changing dir.

diff --git a/src/VfsNs.cpp b/src/VfsNs.cpp
index d80d0e1..b9fe4b1 100644 (file)
--- a/src/VfsNs.cpp
+++ b/src/VfsNs.cpp
@@ -110,7 +110,14 @@ void VfsCatalog::setSecurityContext(const SecurityContext* ctx) throw (DmExcepti
 
 void VfsCatalog::changeDir(const std::string& path) throw (DmException)
 {
+  ExtendedStat meta;
+
+  meta = this->extendedStat(path);
+  if (checkPermissions(this->secCtx_, meta.acl, meta.stat, S_IEXEC | S_IREAD) != 0)
+    vfsThrow(EACCES, "not enough permissions for '%s' on '%s'", clientName.c_str(), meta.name.c_str());
+
   wrapCall(chdir(path.c_str()));
+  syslog(LOG_DEBUG, "%s: changed to '%s'", __func__, path.c_str());
 }