From 6e29dd5db9b4c5a2847edcac2c721c1229fa2111 Mon Sep 17 00:00:00 2001
From: yuvipanda <yuvipanda@gmail.com>
Date: Wed, 1 Aug 2018 18:53:50 -0700
Subject: [PATCH] Error out if there's a tljh-config that isn't ours in PATH

---
 tljh/installer.py | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/tljh/installer.py b/tljh/installer.py
index cb86f62..66daf1e 100644
--- a/tljh/installer.py
+++ b/tljh/installer.py
@@ -287,10 +287,16 @@ def ensure_symlinks(prefix):
     """
     tljh_config_src = os.path.join(prefix, 'bin', 'tljh-config')
     tljh_config_dest = '/usr/local/bin/tljh-config'
-    if not os.path.exists(tljh_config_dest):
-        # If this exists, we leave it alone. Do *not* remove it,
-        # since we are running as root and it could be anything!
-        os.symlink(tljh_config_src, tljh_config_dest)
+    if os.path.exists(tljh_config_dest):
+        if os.path.realpath(tljh_config_dest) != tljh_config_src:
+            #  tljh-config exists that isn't ours. We should *not* delete this file,
+            # instead we throw an error and abort. Deleting files owned by other people
+            # while running as root is dangerous, especially with symlinks involved.
+            raise FileExistsError(f'/usr/local/bin/tljh-config exists but is not a symlink to {tljh_config_src}')
+        else:
+            # We have a working symlink, so do nothing
+            return
+    os.symlink(tljh_config_src, tljh_config_dest)
 
 
 def main():