author | Lasse Collin <lasse.collin@tukaani.org> | 2023-03-07 19:59:23 +0200 |
committer | Jia Tan <jiat0218@gmail.com> | 2023-03-08 23:22:15 +0800 |
commit | a0eecc235d3ba8ad3453da98b46c7bc3e644de75 (patch) | |
tree | 5757d903e8498f400fd9d1274306f5b3f66e98b8 | |
parent | Revert: "Add warning if Capsicum sandbox system calls are unsupported." (diff) | |
download | xz-a0eecc235d3ba8ad3453da98b46c7bc3e644de75.tar.xz |
xz: Make Capsicum sandbox more strict with stdin and stdout.
-rw-r--r-- | src/xz/file_io.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/xz/file_io.c b/src/xz/file_io.c
index 37710428..ca452cdc 100644
--- a/src/xz/file_io.c
+++ b/src/xz/file_io.c
@@ -199,11 +199,19 @@ io_sandbox_enter(int src_fd)
 CAP_EVENT, CAP_FCNTL, CAP_LOOKUP, CAP_READ, CAP_SEEK))) goto capsicum_error;
+ if (src_fd != STDIN_FILENO && cap_rights_limit(
+ STDIN_FILENO, cap_rights_clear(&rights)))
+ goto capsicum_error;
+
 if (cap_rights_limit(STDOUT_FILENO, cap_rights_init(&rights, CAP_EVENT, CAP_FCNTL, CAP_FSTAT, CAP_LOOKUP, CAP_WRITE, CAP_SEEK))) goto capsicum_error;
+ if (cap_rights_limit(STDERR_FILENO, cap_rights_init(&rights,
+ CAP_WRITE)))
+ goto capsicum_error;
+
 if (cap_rights_limit(user_abort_pipe[0], cap_rights_init(&rights, CAP_EVENT))) goto capsicum_error; |
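Review bot: The new stdin limit `cap_rights_limit(STDIN_FILENO, cap_rights_clear(&rights))` likely does not hand stdin an empty rights set: FreeBSD's cap_rights_clear() removes only the rights named in its variadic arguments, and none are named here, so `rights` presumably still holds the CAP_EVENT/CAP_FCNTL/CAP_LOOKUP/CAP_READ/CAP_SEEK set that the preceding context line just initialised for src_fd, and stdin ends up with src_fd's rights instead of none — worth confirming against the Capsicum headers. If the intent is to drop every right, `cap_rights_init(&rights)` with no rights listed initialises an empty set, so the line would read `STDIN_FILENO, cap_rights_init(&rights)))`. A one-line comment above that block stating the expected outcome, `// src_fd is a file, so stdin is unused: drop all of its rights`, would make the intended least-privilege result checkable by the next reader. io_sandbox_enter() begins and ends outside this hunk.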