diff options
| author |   Mike Frysinger <vapier@gentoo.org> | 2009-06-04 04:24:00 -0400 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2009-06-04 04:24:00 -0400 |
| commit | 0b9fa88c256854f583135f975ab3d757bbc51d84 (patch) | |
| tree | 0595e9c472c0a4881ce1bca0da481e8973e6062f | |
| parent | libsandbox: convert trace to waitpid() (diff) | |
| download | sandbox-0b9fa88c256854f583135f975ab3d757bbc51d84.tar.gz sandbox-0b9fa88c256854f583135f975ab3d757bbc51d84.tar.bz2 sandbox-0b9fa88c256854f583135f975ab3d757bbc51d84.zip | |
libsandbox: disable corner case recover when tracingv2.0
The code that tries to recover from unreadable paths relies on relative
access to the paths in question, and we can't rely on that when tracing.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
| -rw-r--r-- | libsandbox/canonicalize.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/libsandbox/canonicalize.c b/libsandbox/canonicalize.c index 19682c2..2166ac9 100644 --- a/libsandbox/canonicalize.c +++ b/libsandbox/canonicalize.c @@ -87,6 +87,10 @@ erealpath(const char *name, char *resolved) goto error; } + /* This stat() business uses relative paths atm */ + if (trace_pid) + goto no_recover; + /* Can we actually access the working dir (sane perms) ? * If not, try a little harder to consume this path in * case it has symlinks out into a better world ... @@ -134,6 +138,7 @@ erealpath(const char *name, char *resolved) } while (p); } + no_recover: dest = strchr(rpath, '\0'); } else { recover_full: |