Make sure to return an error when the user requests an LSM profile to be
set while also requesting that elevated LSM privileges are to be used.

Signed-off-by: Maximilian Blenk <Maximilian.Blenk@bmw.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

if (remount_sys_proc)
attach_options.attach_flags |= LXC_ATTACH_REMOUNT_PROC_SYS;
- if (elevated_privileges)
+ if (elevated_privileges) {
+ if ((elevated_privileges & LXC_ATTACH_LSM_EXEC)) {
+ if (selinux_context) {
+ ERROR("Cannot combine elevated LSM privileges while requesting LSM profile");
+ goto out;
+ }
+
+ /*
+ * While most LSM flags are off by default let's still
+ * make sure they are stripped when elevated LSM
+ * privileges are requested.
+ */
+ elevated_privileges |= LXC_ATTACH_LSM;
+ }
+
attach_options.attach_flags &= ~(elevated_privileges);
+ }
if (stdfd_is_pty())
attach_options.attach_flags |= LXC_ATTACH_TERMINAL;
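
Review bot: The new `selinux_context` branch jumps to `out` right after `ERROR(...)` without setting any return value in the visible lines, so please confirm that the `out` path exits with a failure status here; otherwise the conflicting request is logged but the "return an error" promised in the commit message does not reach the caller. The check also tests only `selinux_context`, while the message and the commit text speak of an LSM profile in general. If the tool accepts a label through any other option or variable, that needs the same rejection; if not, naming the specific option in the error text would make it easier for the user to act on. Style nit: the doubled parentheses in `if ((elevated_privileges & LXC_ATTACH_LSM_EXEC))` can be reduced to a single pair.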