Modified: trunk/launchd/src/StartupItems.c (23354 => 23355)

--- trunk/launchd/src/StartupItems.c	2007-09-04 23:33:25 UTC (rev 23354)
+++ trunk/launchd/src/StartupItems.c	2007-09-05 15:04:36 UTC (rev 23355)
@@ -26,6 +26,7 @@
 #include <unistd.h>
 #include <sys/types.h>
 #include <sys/stat.h>
+#include <sys/sysctl.h>
 #include <sys/mman.h>
 #include <stdlib.h>
 #include <fcntl.h>
@@ -217,15 +218,31 @@
 
 static bool StartupItemSecurityCheck(const char *aPath)
 {
+	static struct timeval boot_time;
 	struct stat aStatBuf;
 	bool r = true;
 
+	if (boot_time.tv_sec == 0) {
+		int mib[] = { CTL_KERN, KERN_BOOTTIME };
+		size_t boot_time_sz = sizeof(boot_time);
+		int rv;
+
+		rv = sysctl(mib, sizeof(mib) / sizeof(mib[0]), &boot_time, &boot_time_sz, NULL, 0);
+
+		assert(rv != -1);
+		assert(boot_time_sz == sizeof(boot_time));
+	}
+
 	/* should use lstatx_np() on Tiger? */
 	if (lstat(aPath, &aStatBuf) == -1) {
 		if (errno != ENOENT)
 			syslog(LOG_ERR, "lstat(\"%s\"): %m", aPath);
 		return false;
 	}
+	if (aStatBuf.st_ctimespec.tv_sec > boot_time.tv_sec) {
+		syslog(LOG_WARNING, "\"%s\" failed sanity check: path was created after boot up", aPath);
+		return false;
+	}
 	if (!(S_ISREG(aStatBuf.st_mode) || S_ISDIR(aStatBuf.st_mode))) {
 		syslog(LOG_WARNING, "\"%s\" failed security check: not a directory or regular file", aPath);
 		r = false;