--- src/libsandbox.c.orig 2006-06-10 01:25:35.000000000 +0200
+++ src/libsandbox.c 2006-06-10 01:28:11.000000000 +0200
@@ -82,6 +82,9 @@
 #define FUNCTION_SANDBOX_SAFE_ACCESS(_func, _path, _flags) \
 ((0 == is_sandbox_on()) || (1 == before_syscall_access(_func, _path, _flags)))
+#define FUNCTION_SANDBOX_FAIL_OPEN_INT(_func, _path, _flags) \
+ ((0 == is_sandbox_on()) || (1 == before_syscall_open_int(_func, _path, _flags)))
+
 #define FUNCTION_SANDBOX_SAFE_OPEN_INT(_func, _path, _flags) \
 ((0 == is_sandbox_on()) || (1 == before_syscall_open_int(_func, _path, _flags)))
@@ -390,6 +393,16 @@
 FILE *_name(const char *pathname, const char *mode) \
 { \
 FILE *result = NULL; \
+ int my_errno = errno; \
+ struct stat st; \
+\
+ if (mode!=NULL && mode[0]=='r') { \
+ /* If we're trying to read, fail normally if file does not stat */\
+ if (-1 == stat(pathname, &st)) { \
+ return NULL; \
+ } \
+ } \
+ errno = my_errno; \
 \
 if FUNCTION_SANDBOX_SAFE_OPEN_CHAR("fopen", pathname, mode) { \
 check_dlsym(_name); \
@@ -563,12 +576,20 @@
 va_list ap; \
 int mode = 0; \
 int result = -1; \
+ int my_errno = errno; \
+ struct stat st; \
 \
 if (flags & O_CREAT) { \
 va_start(ap, flags); \
 mode = va_arg(ap, int); \
 va_end(ap); \
+ } else { \
+ /* If we're not trying to create, fail normally if file does not stat */\
+ if (-1 == stat(pathname, &st)) { \
+ return -1; \
+ } \
 } \
+ errno = my_errno; \
 \
 if FUNCTION_SANDBOX_SAFE_OPEN_INT("open", pathname, flags) { \
 check_dlsym(_name); \
@@ -728,6 +749,16 @@
 FILE *_name(const char *pathname, const char *mode) \
 { \
 FILE *result = NULL; \
+ int my_errno = errno; \
+ struct stat64 st; \
+\
+ if (mode!=NULL && mode[0]=='r') { \
+ /* If we're trying to read, fail normally if file does not stat */\
+ if (-1 == stat64(pathname, &st)) { \
+ return NULL; \
+ } \
+ } \
+ errno = my_errno; \
 \
 if FUNCTION_SANDBOX_SAFE_OPEN_CHAR("fopen64", pathname, mode) { \
 check_dlsym(_name); \
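Review bot: The added `FUNCTION_SANDBOX_FAIL_OPEN_INT` in the first hunk expands to exactly the same expression as `FUNCTION_SANDBOX_SAFE_OPEN_INT` defined right after it, and none of the other hunks in this patch uses it. In a sandbox wrapper, a macro named FAIL_OPEN that behaves like the SAFE check invites a later caller to assume semantics it does not have. Either drop the definition, or, if a later change is meant to use it, give it a one-line comment that states how it is intended to differ from the SAFE variant.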
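Review bot: In the fopen hunk at -390 the early `return NULL` fires on every `stat()` failure, not only a missing file, and it returns before `FUNCTION_SANDBOX_SAFE_OPEN_CHAR` is evaluated, so a read attempt that fails with, for example, EACCES or ELOOP never reaches the sandbox check or whatever reporting that check performs. No real open happens on that path, so this looks like an audit gap rather than an access bypass, but narrowing the condition keeps the silent case to what the comment describes: `if (-1 == stat(pathname, &st) && (ENOENT == errno || ENOTDIR == errno)) { \`. The same applies to the `stat()` guard in the open hunk at -563 and the `stat64()` guards in the fopen64 and open64 hunks at -728 and -748; the four copies could also share one static helper. The wrapper body continues past the end of the hunk.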
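Review bot: In the open hunk at -563 the guard uses `stat()`, which follows symlinks, while the wrapped call may not: with `O_NOFOLLOW` in `flags` and a dangling symlink as `pathname`, the real open() reports ELOOP but this guard returns -1 with ENOENT, so the call does not "fail normally" as the comment says. Skipping the pre-check in that case keeps errno consistent, e.g. `} else if (!(flags & O_NOFOLLOW)) { \` (assuming the flag is defined for this build). The open64 hunk at -748 has the same shape with `stat64()`. The function's body starts and ends outside the hunk.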
@@ -748,12 +779,20 @@
 va_list ap; \
 int mode = 0; \
 int result = -1; \
+ int my_errno = errno; \
+ struct stat64 st; \
 \
 if (flags & O_CREAT) { \
 va_start(ap, flags); \
 mode = va_arg(ap, int); \
 va_end(ap); \
+ } else { \
+ /* If we're not trying to create, fail normally if file does not stat */\
+ if (-1 == stat64(pathname, &st)) { \
+ return -1; \
+ } \
 } \
+ errno = my_errno; \
 \
 if FUNCTION_SANDBOX_SAFE_OPEN_INT("open64", pathname, flags) { \
 check_dlsym(_name); \