From cbc2ddf5b347d4e230de8bedcfcf5e847ef39833 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Wed, 3 Feb 2021 21:57:44 +0100 Subject: [PATCH] utils: harden __safe_mount_beneath_at() Signed-off-by: Christian Brauner --- src/lxc/utils.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/lxc/utils.c b/src/lxc/utils.c index 12735f589..e94765086 100644 --- a/src/lxc/utils.c +++ b/src/lxc/utils.c @@ -1081,8 +1081,8 @@ int __safe_mount_beneath_at(int beneath_fd, const char *src, const char *dst, co { __do_close int source_fd = -EBADF, target_fd = -EBADF; struct lxc_open_how how = { - .flags = O_RDONLY | O_CLOEXEC | O_PATH, - .resolve = RESOLVE_NO_SYMLINKS | RESOLVE_NO_MAGICLINKS | RESOLVE_BENEATH, + .flags = PROTECT_OPATH_DIRECTORY, + .resolve = PROTECT_LOOKUP_BENEATH_WITH_MAGICLINKS, }; int ret; char src_buf[LXC_PROC_PID_FD_LEN], tgt_buf[LXC_PROC_PID_FD_LEN]; @@ -1122,7 +1122,7 @@ int safe_mount_beneath(const char *beneath, const char *src, const char *dst, co __do_close int beneath_fd = -EBADF; const char *path = beneath ? beneath : "/"; - beneath_fd = openat(-1, path, O_RDONLY | O_CLOEXEC | O_DIRECTORY | O_PATH); + beneath_fd = openat(-1, path, PROTECT_OPATH_DIRECTORY); if (beneath_fd < 0) return log_error_errno(-errno, errno, "Failed to open %s", path); -- 2.47.2