From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Fri, 18 May 2018 04:29:26 +0000 (+0900)
Subject: core: refuse StateDirectory=private
X-Git-Tag: v239~242^2~2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=8994a11790dc9bf91cdd94f5f90db0c3faaa23bf;p=thirdparty%2Fsystemd.git

core: refuse StateDirectory=private

Follow-up for e8865688735ba3bd34297fa89cca6bde7ba33997 (#9021).
---

diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c
index 3b1c77e9676..fe9701b33d0 100644
--- a/src/core/dbus-execute.c
+++ b/src/core/dbus-execute.c
@@ -2139,8 +2139,14 @@ int bus_exec_context_set_transient_property(
                         return r;
 
                 STRV_FOREACH(p, l) {
-                        if (!path_is_normalized(*p) || path_is_absolute(*p))
-                                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s= path is not valid: %s", name, *p);
+                        if (!path_is_normalized(*p))
+                                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s= path is not normalized: %s", name, *p);
+
+                        if (path_is_absolute(*p))
+                                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s= path is absolute: %s", name, *p);
+
+                        if (path_startswith(*p, "private"))
+                                return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s= path can't be 'private': %s", name, *p);
                 }
 
                 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {