xz: Make Capsicum sandbox more strict with stdin and stdout.

author Lasse Collin <lasse.collin@tukaani.org>

Tue, 7 Mar 2023 17:59:23 +0000 (19:59 +0200)

committer Lasse Collin <lasse.collin@tukaani.org>

Sat, 11 Mar 2023 17:34:39 +0000 (19:34 +0200)
author Lasse Collin <lasse.collin@tukaani.org>
Tue, 7 Mar 2023 17:59:23 +0000 (19:59 +0200)
committer Lasse Collin <lasse.collin@tukaani.org>
Sat, 11 Mar 2023 17:34:39 +0000 (19:34 +0200)
diff --git a/src/xz/file_io.c b/src/xz/file_io.c

index 3f5279f030867187f2ea574f85c055ef239ba3ff..29f46ea7fe93439f9ce1a656afe551f77853e025 100644 (file)
--- a/src/xz/file_io.c
+++ b/src/xz/file_io.c
@@ -199,11 +199,19 @@ io_sandbox_enter(int src_fd)
                         CAP_EVENT, CAP_FCNTL, CAP_LOOKUP, CAP_READ, CAP_SEEK)))
                 goto error;
  
+       if (src_fd != STDIN_FILENO && cap_rights_limit(
+                       STDIN_FILENO, cap_rights_clear(&rights)))
+               goto error;
+
         if (cap_rights_limit(STDOUT_FILENO, cap_rights_init(&rights,
                         CAP_EVENT, CAP_FCNTL, CAP_FSTAT, CAP_LOOKUP,
                         CAP_WRITE, CAP_SEEK)))
                 goto error;
  
+       if (cap_rights_limit(STDERR_FILENO, cap_rights_init(&rights,
+                       CAP_WRITE)))
+               goto error;
+
         if (cap_rights_limit(user_abort_pipe[0], cap_rights_init(&rights,
                         CAP_EVENT)))
                 goto error;
author	Lasse Collin <lasse.collin@tukaani.org>
	Tue, 7 Mar 2023 17:59:23 +0000 (19:59 +0200)
committer	Lasse Collin <lasse.collin@tukaani.org>
	Sat, 11 Mar 2023 17:34:39 +0000 (19:34 +0200)