Bug 1335329
- Improve handling of mkdir() on preexisting directories in Linux sandbox file broker. r=gcp
If the path given doesn't have write+create permissions in the broker policy, but does have MAY_ACCESS (i.e., if checking for its existence with lstat() or access() would be allowed), then check for its existence and fail with EEXIST the way the real mkdir() would. Note that mkdir() fails with EEXIST even if the existing file isn't a directory, including if it's a broken symlink. MozReview-Commit-ID: 13Cwnq1nRrw --HG-- extra : rebase_source : c37caa091583fa85a0a72ed62fa9f12a3523e8f4
parent
75ddc332a5
commit
467786d86a
@ -673,7 +673,14 @@ SandboxBroker::ThreadMain(void)
|
||||
resp.mError = -errno;
|
||||
}
|
||||
} else {
|
||||
AuditDenial(req.mOp, req.mFlags, perms, pathBuf);
|
||||
struct stat sb;
|
||||
// This doesn't need an additional policy check because
|
||||
// MAY_ACCESS is required to even enter this switch statement.
|
||||
if (lstat(pathBuf, &sb) == 0) {
|
||||
resp.mError = -EEXIST;
|
||||
} else {
|
||||
AuditDenial(req.mOp, req.mFlags, perms, pathBuf);
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
|
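Review bot: The new `lstat(pathBuf, &sb)` existence probe is justified only by a comment saying MAY_ACCESS is required to enter the switch, and that guard sits outside this hunk, so nothing here stops the probe from revealing whether paths outside the policy exist if the entry condition is ever relaxed. Making the invariant executable would be cheap: `if ((perms & MAY_ACCESS) && lstat(pathBuf, &sb) == 0) {`, or a `MOZ_ASSERT(perms & MAY_ACCESS);` above the call. The EEXIST branch also skips `AuditDenial`, which looks intentional for keeping logs quiet but means a refused mkdir on an existing path leaves no audit trace; a short comment saying so would help whoever reads denial logs later. The enclosing case and switch begin outside the hunk.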
@ -321,6 +321,10 @@ TEST_F(SandboxBrokerTest, Mkdir)
|
||||
EXPECT_EQ(-EACCES, Mkdir("/tmp/nope", 0600))
|
||||
<< "Creating dir without MAY_CREATE succeed.";
|
||||
EXPECT_EQ(0, rmdir("/tmp/blublu"));
|
||||
EXPECT_EQ(-EEXIST, Mkdir("/proc/self", 0600))
|
||||
<< "Creating uncreatable dir that already exists didn't fail correctly.";
|
||||
EXPECT_EQ(-EEXIST, Mkdir("/dev/zero", 0600))
|
||||
<< "Creating uncreatable dir over preexisting file didn't fail correctly.";
|
||||
|
||||
PrePostTestCleanup();
|
||||
}
|
||||
|
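Review bot: Both new assertions cover only paths that exist and, presumably, carry MAY_ACCESS in the test policy (the policy setup is outside this hunk); there is no negative case showing that an existing path without MAY_ACCESS still gets the plain denial rather than EEXIST. That case is the security-relevant one, since it pins down that mkdir() does not reveal the existence of files outside the policy; something like `EXPECT_EQ(-EACCES, Mkdir("<existing path with no policy entry>", 0600))` would cover it, with the expected errno to be confirmed against the broker's default response. The commit message also calls out broken symlinks as returning EEXIST, but no test creates one.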