From e67022be8d312fec0fa7619c65b9070171041c4c Mon Sep 17 00:00:00 2001
From: David Bartley <address@hidden>
Date: Wed, 29 Apr 2009 03:48:15 -0400
Subject: [PATCH] Drop PRIV_SYS_LINKDIR during mv/rm startup

---
 src/mv.c |    9 +++++++++
 src/rm.c |    9 +++++++++
 2 files changed, 18 insertions(+), 0 deletions(-)

diff --git a/src/mv.c b/src/mv.c
index 0613236..22bbb94 100644
--- a/src/mv.c
+++ b/src/mv.c
@@ -33,6 +33,10 @@
 #include "remove.h"
 #include "root-dev-ino.h"
 
+#if HAVE_GETPPRIV
+# include <priv.h>
+#endif
+
 /* The official name of this program (e.g., no `g' prefix).  */
 #define PROGRAM_NAME "mv"
 
@@ -354,6 +358,11 @@ main (int argc, char **argv)
 
   cp_option_init (&x);
 
+  /* Try to disable the ability to unlink a directory.  */
+#ifdef PRIV_SYS_LINKDIR
+  sol10priv_remove (PRIV_SYS_LINKDIR);
+#endif
+
   /* FIXME: consider not calling getenv for SIMPLE_BACKUP_SUFFIX unless
      we'll actually use backup_suffix_string.  */
   backup_suffix_string = getenv ("SIMPLE_BACKUP_SUFFIX");
diff --git a/src/rm.c b/src/rm.c
index 8fecfdd..b15678a 100644
--- a/src/rm.c
+++ b/src/rm.c
@@ -56,6 +56,10 @@
 #include "root-dev-ino.h"
 #include "yesno.h"
 
+#if HAVE_GETPPRIV
+# include <priv.h>
+#endif
+
 /* The official name of this program (e.g., no `g' prefix).  */
 #define PROGRAM_NAME "rm"
 
@@ -241,6 +245,11 @@ main (int argc, char **argv)
 
   rm_option_init (&x);
 
+  /* Try to disable the ability to unlink a directory.  */
+#ifdef PRIV_SYS_LINKDIR
+  sol10priv_remove (PRIV_SYS_LINKDIR);
+#endif
+
   while ((c = getopt_long (argc, argv, "dfirvIR", long_opts, NULL)) != -1)
     {
       switch (c)
-- 
1.5.6.5