author | Lasse Collin <lasse.collin@tukaani.org> | 2023-03-07 19:59:23 +0200 |
---|---|---|
committer | Lasse Collin <lasse.collin@tukaani.org> | 2023-03-11 19:34:39 +0200 |
commit | fd56d5353360279c10e8e5e05f5bc6ea03f64584 (patch) | |
tree | 837d5858ab3dc3eae0cf557bc39ef5bb7ca11d9b /src/xz/file_io.c | |
parent | xz: Don't fail if Capsicum is enabled but kernel doesn't support it. (diff) | |
download | xz-fd56d5353360279c10e8e5e05f5bc6ea03f64584.tar.xz |
xz: Make Capsicum sandbox more strict with stdin and stdout.
Diffstat (limited to 'src/xz/file_io.c')
-rw-r--r-- | src/xz/file_io.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/xz/file_io.c b/src/xz/file_io.c
index 3f5279f0..29f46ea7 100644
--- a/src/xz/file_io.c
+++ b/src/xz/file_io.c
@@ -199,11 +199,19 @@ io_sandbox_enter(int src_fd)
 			CAP_EVENT, CAP_FCNTL, CAP_LOOKUP, CAP_READ, CAP_SEEK)))
 		goto error;
+	if (src_fd != STDIN_FILENO && cap_rights_limit(
+			STDIN_FILENO, cap_rights_clear(&rights)))
+		goto error;
+
 	if (cap_rights_limit(STDOUT_FILENO, cap_rights_init(&rights,
 			CAP_EVENT, CAP_FCNTL, CAP_FSTAT, CAP_LOOKUP, CAP_WRITE, CAP_SEEK)))
 		goto error;
+	if (cap_rights_limit(STDERR_FILENO, cap_rights_init(&rights,
+			CAP_WRITE)))
+		goto error;
+
 	if (cap_rights_limit(user_abort_pipe[0], cap_rights_init(&rights,
 			CAP_EVENT)))
 		goto error;
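Review bot: The new stdin restriction, `cap_rights_limit(STDIN_FILENO, cap_rights_clear(&rights))`, may not actually produce an empty rights set: `rights` was initialised two lines earlier with CAP_EVENT, CAP_FCNTL, CAP_LOOKUP, CAP_READ and CAP_SEEK for src_fd, and cap_rights_clear() removes only the rights passed as its extra arguments, so with none listed it plausibly leaves that set untouched and stdin keeps the same read/seek capabilities as the input file instead of none. The documented way to get an empty set is an init with no rights, i.e. `STDIN_FILENO, cap_rights_init(&rights)))`, which also makes the intent self-evident; please confirm against the Capsicum man page on the target FreeBSD version. A one-line comment above the check, `// Not reading from stdin: drop every capability on it.`, would help the next reader, and a similar note on the STDERR line that only CAP_WRITE is intentionally left. io_sandbox_enter() begins and ends outside this hunk, so the shared `goto error` path cannot be reviewed here.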