The problem with the whole unix-interface is that you generally use names. But
from one call to the other the object referenced by that name may change.
This gets especially tricky if parts of the name-tree are owned by different
users.
It would be much better if there would be something like
GetObjId(name)
and all other operations would request such an id.
Often you often can have something similar by opening a file/dir read-only and
than using
ftstat, fchown, fchmod, fchdir, ...
I think the above task could be done with these operation, though it would
be rather difficult.
The weakness of these are that there is no flag for open which inhibits open
from following symlinks, there is no fopen() and there is only a limited
number of filehandles.
The above job can be solved even with these limits.
To change ownership of whole hierarchies: use a third, shure user and group
to freeze a directory:
fp = fopen(directory, O_RDONLY)
check ownership, ...
fchdir(fp)
/* so even if above hierarchy is not save, they can not fool us
by moving and replacing this
*/
fchown(fp, secure user, secure group);
fchmod(fp, o-w);
/* directory is frozen */
change ownership of files and symlinks with lchown if they belong
olduser
change ownership of directories to secure user, secure group
and chmod(o-w)
chdir into every directory and do the same again
change onwership of . to newuser, newgroup
restore mode of .
In this case I assume that all directories in the hierarchie belong olduser.
Otherwise you have to remember the ownership of every directory
Wolfgang Walter