fergalmoran/ladybird
1
0
Fork 0
mirror of https://github.com/fergalmoran/ladybird.git synced 2026-02-22 23:55:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Kernel: mknod() should not allow unprivileged users to create devices

Browse Source 
In fact, unless you are superuser, you may only create a regular file,
a named pipe, or a local domain socket. Anything else should EPERM.
This commit is contained in:
Andreas Kling
2020-01-02 02:36:12 +01:00
parent 3dcec260ed
commit c7eb3ff1b3
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
Kernel/Process.cpp
View File

@@ -3478,6 +3478,11 @@ int Process::sys$mknod(const char* pathname, mode_t mode, dev_t dev)
if (!validate_read_str(pathname))
return -EFAULT;
if (!is_superuser()) {
if (!is_regular_file(mode) && !is_fifo(mode) && !is_socket(mode))
return -EPERM;
}
return VFS::the().mknod(StringView(pathname), mode, dev, current_directory());
}