core: Refuse mount on symlink

author Timofey Titovets <nefelim4ag@gmail.com>

Thu, 14 Aug 2014 23:05:47 +0000 (02:05 +0300)

committer Lennart Poettering <lennart@poettering.net>

Thu, 14 Aug 2014 23:35:28 +0000 (01:35 +0200)
author Timofey Titovets <nefelim4ag@gmail.com>
Thu, 14 Aug 2014 23:05:47 +0000 (02:05 +0300)
committer Lennart Poettering <lennart@poettering.net>
Thu, 14 Aug 2014 23:35:28 +0000 (01:35 +0200)
diff --git a/src/core/mount.c b/src/core/mount.c

index 39a9aaf2a0bf35e0ff333c9d0116a7512db6002c..ec90b0a6708184a7ffe3ccd63ecb48d177e77f3c 100644 (file)
--- a/src/core/mount.c
+++ b/src/core/mount.c
@@ -827,6 +827,23 @@ void warn_if_dir_nonempty(const char *unit, const char* where) {
                     NULL);
  }
  
+static int fail_if_symlink(const char *unit, const char* where) {
+        assert(where);
+
+        if (is_symlink(where) > 0) {
+                log_struct_unit(LOG_WARNING,
+                                unit,
+                                "MESSAGE=%s: Mount on symlink %s not allowed.",
+                                unit, where,
+                                "WHERE=%s", where,
+                                MESSAGE_ID(SD_MESSAGE_OVERMOUNTING),
+                                NULL);
+
+                return -ELOOP;
+        }
+        return 0;
+}
+
  static void mount_enter_unmounting(Mount *m) {
          int r;
  
@@ -877,6 +894,10 @@ static void mount_enter_mounting(Mount *m) {
          if (p && mount_is_bind(p))
                  mkdir_p_label(p->what, m->directory_mode);
  
+        r = fail_if_symlink(m->meta.id, m->where);
+        if (r < 0)
+                goto fail;
+
          if (m->from_fragment)
                  r = exec_command_set(
                                  m->control_command,
diff --git a/src/shared/util.c b/src/shared/util.c

index 3d16cd1a13a5c52d4a30d955a5235adcefe8c3c7..0db4bd90e89cb09137381ab56c99d5e2ff3e48ad 100644 (file)
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -6918,3 +6918,15 @@ int take_password_lock(const char *root) {
  
          return fd;
  }
+
+int is_symlink(const char *path) {
+        struct stat info;
+
+        if (lstat(path, &info) < 0)
+                return -errno;
+
+        if (S_ISLNK(info.st_mode))
+                return 1;
+
+        return 0;
+}
+\ No newline at end of file
diff --git a/src/shared/util.h b/src/shared/util.h

index 101d2dfcf89b13f66cec6a2bfea4edf3c1578df9..bd8bbb268f37ac413078fc05b89aa7765bd65c8a 100644 (file)
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -966,3 +966,5 @@ char *tempfn_random(const char *p);
  bool is_localhost(const char *hostname);
  
  int take_password_lock(const char *root);
+
+int is_symlink(const char *path);
+\ No newline at end of file
author	Timofey Titovets <nefelim4ag@gmail.com>
	Thu, 14 Aug 2014 23:05:47 +0000 (02:05 +0300)
committer	Lennart Poettering <lennart@poettering.net>
	Thu, 14 Aug 2014 23:35:28 +0000 (01:35 +0200)
src/core/mount.c		patch \| blob \| history
src/shared/util.c		patch \| blob \| history
src/shared/util.h		patch \| blob \| history