FHS: Do not allow any unknown subdirectories in /var

author Michael Tremer <michael.tremer@ipfire.org>

Fri, 17 Mar 2023 10:53:13 +0000 (10:53 +0000)

committer Michael Tremer <michael.tremer@ipfire.org>

Fri, 17 Mar 2023 10:53:13 +0000 (10:53 +0000)
author Michael Tremer <michael.tremer@ipfire.org>
Fri, 17 Mar 2023 10:53:13 +0000 (10:53 +0000)
committer Michael Tremer <michael.tremer@ipfire.org>
Fri, 17 Mar 2023 10:53:13 +0000 (10:53 +0000)
diff --git a/src/libpakfire/fhs.c b/src/libpakfire/fhs.c

index 14dd70ff53e01b9c6a9a30e32fa6d09d50ae2599..bf4ad3e855a90c722020670cf8bf99413485ee1b 100644 (file)
--- a/src/libpakfire/fhs.c
+++ b/src/libpakfire/fhs.c
@@ -76,6 +76,10 @@ static const struct pakfire_fhs_check {
         { "/var/run",     S_IFLNK, 0, 0755, "root", "root" },
         { "/var/spool",   S_IFDIR, 0, 0755, "root", "root" },
         { "/var/tmp",     S_IFDIR, 0, 0755, "root", "root" },
+
+       // Do not allow any subdirectories in /var
+       { "/var/*",       0, PAKFIRE_FHS_MUSTNOTEXIST, 0, NULL, NULL },
+       { "/var/empty/**",0, PAKFIRE_FHS_MUSTNOTEXIST, 0, NULL, NULL },
         { "/var/tmp/**",  0, PAKFIRE_FHS_MUSTNOTEXIST, 0, NULL, NULL },
  
         // /boot
author	Michael Tremer <michael.tremer@ipfire.org>
	Fri, 17 Mar 2023 10:53:13 +0000 (10:53 +0000)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Fri, 17 Mar 2023 10:53:13 +0000 (10:53 +0000)