emo/openrc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

src/rc/checkpath.c: replace mkdir() with mkdirat().

Browse Source 
The do_check() function recently gained some defenses against symlink
replacement attacks that involve the use of *at functions in place of
their vanilla counterparts; openat() instead of open(), for example.
One opportunity to replace mkdir() with mkdirat() was missed, however,
and this commit replaces it.

This fixes #386.
This commit is contained in:
Michael Orlitzky 2020-11-25 07:15:50 -05:00 committed by William Hubbs
parent ac7ca6d901
commit 00ea216608
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/rc/checkpath.c
View File

@ -197,10 +197,10 @@ static int do_check(char *path, uid_t uid, gid_t gid, mode_t mode,
mode = S_IRWXU | S_IRWXG | S_IROTH | S_IXOTH; mode = S_IRWXU | S_IRWXG | S_IROTH | S_IXOTH;
u = umask(0); u = umask(0);
/* We do not recursively create parents */ /* We do not recursively create parents */
r = mkdir(path, mode); r = mkdirat(dirfd, name, mode);
umask(u); umask(u);
if (r == -1 && errno != EEXIST) { if (r == -1 && errno != EEXIST) {
eerror("%s: mkdir: %s", applet, eerror("%s: mkdirat: %s", applet,
strerror (errno)); strerror (errno));
return -1; return -1;
} }