chiark / gitweb /
~ianmdlvl / elogind.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f40fc11) | patch
fs-util: add new CHASE_SAFE flag to chase_symlinks()
authorLennart Poettering <lennart@poettering.net>
Thu, 4 Jan 2018 18:44:27 +0000 (19:44 +0100)
committerSven Eden <yamakuzure@gmx.net>
Wed, 30 May 2018 05:50:08 +0000 (07:50 +0200)
commite2c4475028606343176752bd0974df2c5ed6a520
treef46ed68b54a316393d3b31217b690d71852632f2tree | snapshot
parentf40fc1151dc0225aa2acf884a0ce3cceb1a00aaccommit | diff
fs-util: add new CHASE_SAFE flag to chase_symlinks()

When the flag is specified we won't transition to a privilege-owned
file or directory from an unprivileged-owned one. This is useful when
privileged code wants to load data from a file unprivileged users have
write access to, and validates the ownership, but want's to make sure
that no symlink games are played to read a root-owned system file
belonging to a different context.
src/basic/fs-util.c diff | blob | history
src/basic/fs-util.h diff | blob | history
src/test/test-fs-util.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.