xz: Fix the Capsicum rights on user_abort_pipe.

author: Lasse Collin <lasse.collin@tukaani.org> 2015-04-01 14:45:25 +0300
committer: Lasse Collin <lasse.collin@tukaani.org> 2016-12-30 13:13:57 +0200
commit: cae412b2b77d7fd88d187ed7659331709311f80d (patch)
tree: bc866d54822c2bf07c9caf608e31afb0d5f0a188
parent: Mention potential sandboxing bugs in INSTALL. (diff)
download: xz-cae412b2b77d7fd88d187ed7659331709311f80d.tar.xz
1 files changed, 5 insertions, 1 deletions
diff --git a/src/xz/file_io.c b/src/xz/file_io.c
index 9eca6950..c01f4e8b 100644
--- a/src/xz/file_io.c
+++ b/src/xz/file_io.c
@@ -198,8 +198,12 @@ io_sandbox_enter(int src_fd)
 			CAP_WRITE, CAP_SEEK)))
 		goto error;
 
+	if (cap_rights_limit(user_abort_pipe[0], cap_rights_init(&rights,
+			CAP_EVENT)))
+		goto error;
+
 	if (cap_rights_limit(user_abort_pipe[1], cap_rights_init(&rights,
-			CAP_EVENT, CAP_WRITE)))
+			CAP_WRITE)))
 		goto error;
 
 	if (cap_enter())
author	Lasse Collin <lasse.collin@tukaani.org>	2015-04-01 14:45:25 +0300
committer	Lasse Collin <lasse.collin@tukaani.org>	2016-12-30 13:13:57 +0200
commit	cae412b2b77d7fd88d187ed7659331709311f80d (patch)
tree	bc866d54822c2bf07c9caf608e31afb0d5f0a188
parent	Mention potential sandboxing bugs in INSTALL. (diff)
download	xz-cae412b2b77d7fd88d187ed7659331709311f80d.tar.xz