mirrors/ladybird
0
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2025-04-29 07:48:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

Kernel: Ensure that an unveil node with no permission is never accepted

Browse source 
Otherwise nodes inheriting from root may still be accessed with
`access(..., F_OK)`.
Also adds a test case to TestKernelUnveil about this behaviour.
This commit is contained in:
Ali Mohammad Pur 2021-05-30 00:05:55 +04:30 committed by Andreas Kling
parent 8ce015742d
commit 90de1ded55
Notes: sideshowbarker 2024-07-18 17:11:46 +09:00
2 changed files with 5 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Kernel/FileSystem/VirtualFileSystem.cpp
View file

@ -851,7 +851,7 @@ KResult VFS::validate_path_against_process_veil(StringView path, int options)
return EINVAL;
auto* unveiled_path = find_matching_unveiled_path(path);
if (!unveiled_path) {
if (!unveiled_path || unveiled_path->permissions() == UnveilAccess::None) {
dbgln("Rejecting path '{}' since it hasn't been unveiled.", path);
dump_backtrace();
return ENOENT;