sysctl would try to read/write any path you gave it either on the command line or configuration file. It would append /proc/sys on the path but not check for any sneaky path traversal with ../

This commit means it first resolves all paths using realpath(3) and then checks the path starts with "/proc/sys/".

At first I thought this might be a non-issue, but perhaps someone could put a file into the sysctl configuration path and.. do something? Anyway it's an 8-line fix and makes things more correct.

References: #179
Signed-off-by: Craig Small <csmall@dropbear.xyz>
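The check the commit message describes (canonicalise with realpath(3), then require the "/proc/sys/" prefix), as an added example that is not the procps code. It generalises the fixed prefix to a `base` argument so it can run against a constructed scratch tree; `resolve_under` and `make_demo_tree` are hypothetical names.

```c
#define _GNU_SOURCE
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not procps code. base stands in for /proc/sys.
 * Returns 0 if base/name canonicalises to a path inside base, else -1. */
int resolve_under(const char *base, const char *name, char out[PATH_MAX])
{
    char root[PATH_MAX], joined[2 * PATH_MAX];
    size_t n;
    if (realpath(base, root) == NULL)
        return -1;
    if ((size_t)snprintf(joined, sizeof joined, "%s/%s", root, name) >= sizeof joined)
        return -1;
    if (realpath(joined, out) == NULL)   /* collapses ../ and symlinks */
        return -1;
    n = strlen(root);
    /* Require the separator too, so sibling "sysfoo" cannot match "sys". */
    return (strncmp(out, root, n) == 0 && out[n] == '/') ? 0 : -1;
}

/* Constructed scratch tree: sys/kernel inside; secret and sysfoo outside;
 * sys/link is a symlink to ../secret. Writes the path of sys to base. */
int make_demo_tree(char base[PATH_MAX])
{
    char tmpl[] = "/tmp/sysctl-demo-XXXXXX", p[PATH_MAX];
    const char *dirs[] = { "sys", "sys/kernel", "sysfoo", "secret" };

    if (mkdtemp(tmpl) == NULL)
        return -1;
    for (size_t i = 0; i < 4; i++) {
        snprintf(p, sizeof p, "%s/%s", tmpl, dirs[i]);
        if (mkdir(p, 0700) != 0)
            return -1;
    }
    snprintf(base, PATH_MAX, "%s/sys", tmpl);
    snprintf(p, sizeof p, "%s/link", base);
    return symlink("../secret", p);
}

int main(void)
{
    char base[PATH_MAX], out[PATH_MAX];
    /* Exit 0 only if the tree was built and the traversal was refused. */
    return make_demo_tree(base) || resolve_under(base, "../secret", out) == 0;
}
```

Because realpath(3) only resolves paths that exist, a name that does not exist is rejected here as well.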