aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSergei Trofimovich <slyfox@gentoo.org>2019-12-25 00:39:13 +0000
committerMichał Górny <mgorny@gentoo.org>2020-05-31 09:38:28 +0200
commit24fd102c99763502a7ab0d1f6f26632673216371 (patch)
tree1303807819ea617e56985908a27ec26a06d378b8 /tests/script-16.sh
parentlibsandbox/libsandbox.c: add errno output for internal sandbox violations (diff)
downloadsandbox-24fd102c99763502a7ab0d1f6f26632673216371.tar.gz
sandbox-24fd102c99763502a7ab0d1f6f26632673216371.tar.bz2
sandbox-24fd102c99763502a7ab0d1f6f26632673216371.zip
check_syscall(): turn internal sandbox violation into denywrite
In #590084 test suite performed to list files in a deleted directory: $ sandbox 'mkdir /tmp/zzz; cd /tmp/zzz; rmdir /tmp/zzz; ls' * sandbox-2.18/libsandbox/libsandbox.c:check_syscall():974: failure (No such file or directory): * ISE: opendir(.) abs_path: (null) res_path: (null) Another reproducer is to create file outside deleted directory relative to that directory: $ sandbox 'mkdir /tmp/zzz; cd /tmp/zzz; rmdir /tmp/zzz; touch ../foo' * sandbox-2.18/libsandbox/libsandbox.c:check_syscall():974: failure (No such file or directory): * ISE: open_wr(../foo) abs_path: (null) res_path: (null) sandbox can't validate safety of any of these operations as kernel does not provide a mechanism to resolve '.' back to an absolute path. As it's a rare condition let's turn it into a sandbox violation instead of internal sandbox error and link to the bug with details in the error message. Report after the change looks like: $ ./sandbox.sh 'mkdir /tmp/zzz; cd /tmp/zzz; rmdir /tmp/zzz; touch ../foo' * ACCESS DENIED: open_wr: '../foo' (from deleted directory, see https://bugs.gentoo.org/590084) * ACCESS DENIED: utimensat: '../foo' (from deleted directory, see https://bugs.gentoo.org/590084) touch: cannot touch '../foo': Permission denied Reported-by: Mike Gilbert Bug: https://bugs.gentoo.org/590084 Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org> Signed-off-by: Michał Górny <mgorny@gentoo.org>
Diffstat (limited to 'tests/script-16.sh')
-rwxr-xr-xtests/script-16.sh11
1 files changed, 11 insertions, 0 deletions
diff --git a/tests/script-16.sh b/tests/script-16.sh
new file mode 100755
index 0000000..c668cfa
--- /dev/null
+++ b/tests/script-16.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+addwrite $PWD
+
+mkdir -p to-be/deleted
+cd to-be/deleted
+rmdir ../deleted
+
+# In https://bugs.gentoo.org/590084 sanbox should deny
+# access here and touch should fail:
+! touch ../foo