svn commit: r231138 - stable/9/usr.sbin/jail
Martin Matuska
mm at FreeBSD.org
Tue Feb 7 17:46:02 UTC 2012
Author: mm
Date: Tue Feb 7 17:46:02 2012
New Revision: 231138
URL: http://svn.freebsd.org/changeset/base/231138
Log:
MFC r230495:
Try resolving jail path with realpath(3).
jail(8) does a chdir(2) to the given path argument. Kernel evaluates the
jail path from the new cwd and not from the original cwd, which leads to
undesired behavior if given a relative path.
Reviewed by: jamie
Modified:
stable/9/usr.sbin/jail/jail.c
Directory Properties:
stable/9/usr.sbin/jail/ (props changed)
Modified: stable/9/usr.sbin/jail/jail.c
==============================================================================
--- stable/9/usr.sbin/jail/jail.c Tue Feb 7 17:45:11 2012 (r231137)
+++ stable/9/usr.sbin/jail/jail.c Tue Feb 7 17:46:02 2012 (r231138)
@@ -508,6 +508,7 @@ static void
set_param(const char *name, char *value)
{
struct jailparam *param;
+ char path[PATH_MAX];
int i;
static int paramlistsize;
@@ -520,8 +521,13 @@ set_param(const char *name, char *value)
}
/* jail_set won't chdir along with its chroot, so do it here. */
- if (!strcmp(name, "path") && chdir(value) < 0)
- err(1, "chdir: %s", value);
+ if (!strcmp(name, "path")) {
+ /* resolve the path with realpath(3) */
+ if (realpath(value, path) != NULL)
+ value = path;
+ if (chdir(value) < 0)
+ err(1, "chdir: %s", value);
+ }
/* Check for repeat parameters */
for (i = 0; i < nparams; i++)
More information about the svn-src-stable-9
mailing list