diff options
author | Lennart Poettering <lennart@poettering.net> | 2018-05-30 18:21:58 +0200 |
---|---|---|
committer | Sven Eden <yamakuzure@gmx.net> | 2018-08-24 16:47:08 +0200 |
commit | aa15ecac3f6b7d995748fd668c39cf1c8c63e476 (patch) | |
tree | b105ee098c08b683bdf34c5fed6017028208ffa3 /src | |
parent | f0580b86936fbf46f0dd5cb2a91ad9ceff033a35 (diff) |
smack: make mac_smack_fix() deal somewhat sensible with non-absolute paths
This tries to improve the mac_smack_fix() logic a bit, by properly
handling non-absolute paths.
It's still pretty broken though, which is sad for security technology:
non-normalized paths (for example "/usr/../dev/sda") will still not be
treated correctly. I am not sure how to fix that properly though, and I
don't understand SMACK well enough to do so. This fix hence just fixes
to most obvious glaring issue.
Diffstat (limited to 'src')
-rw-r--r-- | src/basic/smack-util.c | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/src/basic/smack-util.c b/src/basic/smack-util.c index d292b6afb..491b421ab 100644 --- a/src/basic/smack-util.c +++ b/src/basic/smack-util.c @@ -138,9 +138,22 @@ int mac_smack_fix(const char *path, LabelFixFlags flags) { if (!mac_smack_use()) return 0; - /* Path must be in /dev */ - if (!path_startswith(path, "/dev")) - return 0; + /* Path must be in /dev. Note that this check is pretty sloppy, as we might be called with non-normalized paths + * and hence not detect all cases of /dev. */ + + if (path_is_absolute(path)) { + if (!path_startswith(path, "/dev")) + return 0; + } else { + _cleanup_free_ char *cwd = NULL; + + r = safe_getcwd(&cwd); + if (r < 0) + return r; + + if (!path_startswith(cwd, "/dev")) + return 0; + } fd = open(path, O_NOFOLLOW|O_CLOEXEC|O_PATH); if (fd < 0) { |