X-Git-Url: https://codewiz.org/gitweb?p=monkeysphere.git;a=blobdiff_plain;f=src%2Fshare%2Fcheckperms;h=c93113ec66708f81ab82fc8755b2ddc942b8b1c2;hp=731790e1d7c03a084cbbd2cca0e950535588f62a;hb=c27bb69e547de6c17f49b6703a61a009fb862be2;hpb=cb632251263ede89aca882f953fcb28dde88593b

diff --git a/src/share/checkperms b/src/share/checkperms
index 731790e..c93113e 100755
--- a/src/share/checkperms
+++ b/src/share/checkperms
@@ -81,6 +81,14 @@ sub permissions_ok {
     return sprintf("improper other writability on '%s'", $path);
   }
 
+  # see the rationalization in secure_filename() in auth.c in the
+  # OpenSSH sources for an explanation of this bailout (see also
+  # monkeysphere #675):
+  if ($path eq $user->dir) {
+    debug("stopping at the %s's home directory '%s'\n", $user->name, $path);
+    return undef;
+  }
+
   my $nextlevel = dirname($path);
   if ($path eq $nextlevel) { # we bottom out at the root (/ in UNIX)
     return undef;