On Sun, Apr 19, 2015 at 02:46:28PM +0300, Lauri Võsandi wrote:
> This patch forces btrfs receive to issue chroot before
> parsing the btrfs stream using command-line flag -C
> to confine the process and minimize damage that could
> be done via malicious btrfs stream.
>
> Signed-off-by: Lauri Võsandi <lauri.vosandi@xxxxxxxxx>
Applied with some updates, thanks.
> - /*
> - * find_mount_root returns a root_path that is a subpath of
> - * dest_dir_full_path. Now get the other part of root_path,
> - * which is the destination dir relative to root_path.
> - */
> - r->dest_dir_path = dest_dir_full_path + strlen(r->root_path);
> - while (r->dest_dir_path[0] == '/')
> - r->dest_dir_path++;
This goes to the 'else' branch of the 'if' below.
> + if (r->dest_dir_chroot) {
> + if (chroot(dest_dir_full_path)) {
> + ret = -errno;
> + fprintf(stderr,
> + "ERROR: failed to chroot to %s, %s\n",
> + dest_dir_full_path,
> + strerror(-ret));
> + goto out;
> + }
> + if(chdir("/")) {
> + ret = -errno;
> + fprintf(stderr,
> + "ERROR: failed to chdir to /, %s\n",
> + strerror(-ret));
> + goto out;
> + }
> + if (g_verbose >= 1) {
> + fprintf(stderr, "chrooted to %s\n",
> + dest_dir_full_path);
> + }
> + r->root_path = r->dest_dir_path = strdup("/");
> + }
> - c = getopt_long(argc, argv, "evf:", long_opts, NULL);
> + c = getopt_long(argc, argv, "Cevf:", long_opts, NULL);
added the long option --chroot
--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
