From: Daniel Lezcano <dlezcano@fr.ibm.com>
Date: Tue, 20 Jul 2010 11:45:44 +0000 (+0200)
Subject: fix console overwrite any file
X-Git-Tag: lxc-0.7.2~13
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=00dbc43e308bcccf5b2147e7fdb37bf9ca693fdc;p=thirdparty%2Flxc.git

fix console overwrite any file

Prevent to specify a file not belonging to us as the output for the console

Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
---

diff --git a/src/lxc/console.c b/src/lxc/console.c
index 1ab2b29e1..edefc41c2 100644
--- a/src/lxc/console.c
+++ b/src/lxc/console.c
@@ -30,10 +30,10 @@
 #include <sys/types.h>
 #include <sys/un.h>
 
-#include <lxc/log.h>
-#include <lxc/conf.h>
-#include <lxc/start.h> 	/* for struct lxc_handler */
-
+#include "log.h"
+#include "conf.h"
+#include "start.h" 	/* for struct lxc_handler */
+#include "caps.h"
 #include "commands.h"
 #include "mainloop.h"
 #include "af_unix.h"
@@ -192,7 +192,8 @@ int lxc_create_console(struct lxc_conf *conf)
 		goto err;
 	}
 
-	fd = open(console->path, O_CLOEXEC | O_RDWR | O_CREAT | O_APPEND, 0600);
+	fd = lxc_unpriv(open(console->path, O_CLOEXEC | O_RDWR | O_CREAT |
+			     O_APPEND, 0600));
 	if (fd < 0) {
 		SYSERROR("failed to open '%s'", console->path);
 		goto err;