From 98173d5e5394c50298ce179198133e9f547cacb1 Mon Sep 17 00:00:00 2001
From: martin <martin@martin-ThinkPad-T410.(none)>
Date: Fri, 8 Jul 2011 17:03:49 -0400
Subject: [PATCH] CC-2480: media-monitor needs to ensure permissions before
 importing

-fixed
---
 .../airtimefilemonitor/airtimenotifier.py     |  9 +++-----
 .../airtimefilemonitor/airtimeprocessevent.py | 23 +++++++++++++++----
 2 files changed, 21 insertions(+), 11 deletions(-)

diff --git a/python_apps/media-monitor/airtimefilemonitor/airtimenotifier.py b/python_apps/media-monitor/airtimefilemonitor/airtimenotifier.py
index 55973527c..8f58192cc 100644
--- a/python_apps/media-monitor/airtimefilemonitor/airtimenotifier.py
+++ b/python_apps/media-monitor/airtimefilemonitor/airtimenotifier.py
@@ -66,13 +66,10 @@ class AirtimeNotifier(Notifier):
 
         elif m['event_type'] == "new_watch":
             mm = self.proc_fun()
-            if mm.has_correct_permissions(m['directory']):
-                self.logger.info("AIRTIME NOTIFIER add watched folder event " + m['directory'])
-                self.walk_newly_watched_directory(m['directory'])
+            self.logger.info("AIRTIME NOTIFIER add watched folder event " + m['directory'])
+            self.walk_newly_watched_directory(m['directory'])
 
-                mm.watch_directory(m['directory'])
-            else:
-                self.logger.warn("filepath '%s' has does not have sufficient read permissions. Ignoring.", full_filepath)
+            mm.watch_directory(m['directory'])
 
         elif m['event_type'] == "remove_watch":
             watched_directory = m['directory'].encode('utf-8')
diff --git a/python_apps/media-monitor/airtimefilemonitor/airtimeprocessevent.py b/python_apps/media-monitor/airtimefilemonitor/airtimeprocessevent.py
index 7a92b3bfa..6b0526468 100644
--- a/python_apps/media-monitor/airtimefilemonitor/airtimeprocessevent.py
+++ b/python_apps/media-monitor/airtimefilemonitor/airtimeprocessevent.py
@@ -75,12 +75,25 @@ class AirtimeProcessEvent(ProcessEvent):
         else:
             return False
         
-    #file needs to be readable by all users, and directories
-    #up to this file needs to be readable AND executable by all
-    #users.
+    #check if file is readable by "nobody"
     def has_correct_permissions(self, filepath):
-        st = os.stat(filepath)
-        return bool(st.st_mode & stat.S_IROTH)
+        #drop root permissions and become "nobody"
+        os.seteuid(65534)
+        
+        try:
+            open(filepath)
+            readable = True
+        except IOError:
+            self.logger.warn("File does not have correct permissions: '%s'", filepath)
+            readable = False
+        except Exception, e:
+            self.logger.error("Unexpected exception thrown: %s", e)
+            readable = False
+        finally:
+            #reset effective user to root
+            os.seteuid(0)
+        
+        return readable
 
     def set_needed_file_permissions(self, item, is_dir):