mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2025-04-27 14:58:46 +00:00
Kernel: Ensure that an unveil node with no permission is never accepted
Otherwise nodes inheriting from root may still be accessed with `access(..., F_OK)`. Also adds a test case to TestKernelUnveil about this behaviour.
This commit is contained in:
parent
8ce015742d
commit
90de1ded55
Notes:
sideshowbarker
2024-07-18 17:11:46 +09:00
Author: https://github.com/alimpfard
Commit: 90de1ded55
Pull-request: https://github.com/SerenityOS/serenity/pull/7569
2 changed files with 5 additions and 1 deletions
|
@ -851,7 +851,7 @@ KResult VFS::validate_path_against_process_veil(StringView path, int options)
|
|||
return EINVAL;
|
||||
|
||||
auto* unveiled_path = find_matching_unveiled_path(path);
|
||||
if (!unveiled_path) {
|
||||
if (!unveiled_path || unveiled_path->permissions() == UnveilAccess::None) {
|
||||
dbgln("Rejecting path '{}' since it hasn't been unveiled.", path);
|
||||
dump_backtrace();
|
||||
return ENOENT;
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue