diff options
author | Lasse Collin <lasse.collin@tukaani.org> | 2015-04-01 14:45:25 +0300 |
---|---|---|
committer | Lasse Collin <lasse.collin@tukaani.org> | 2016-12-30 13:13:57 +0200 |
commit | cae412b2b77d7fd88d187ed7659331709311f80d (patch) | |
tree | bc866d54822c2bf07c9caf608e31afb0d5f0a188 /src/xz | |
parent | Mention potential sandboxing bugs in INSTALL. (diff) | |
download | xz-cae412b2b77d7fd88d187ed7659331709311f80d.tar.xz |
xz: Fix the Capsicum rights on user_abort_pipe.
Diffstat (limited to 'src/xz')
-rw-r--r-- | src/xz/file_io.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/xz/file_io.c b/src/xz/file_io.c index 9eca6950..c01f4e8b 100644 --- a/src/xz/file_io.c +++ b/src/xz/file_io.c @@ -198,8 +198,12 @@ io_sandbox_enter(int src_fd) CAP_WRITE, CAP_SEEK))) goto error; + if (cap_rights_limit(user_abort_pipe[0], cap_rights_init(&rights, + CAP_EVENT))) + goto error; + if (cap_rights_limit(user_abort_pipe[1], cap_rights_init(&rights, - CAP_EVENT, CAP_WRITE))) + CAP_WRITE))) goto error; if (cap_enter()) |