[prev in list] [next in list] [prev in thread] [next in thread] 

List:       lxc-devel
Subject:    [lxc-devel] [patch -lxc 5/6] fix console overwrite any file
From:       dlezcano () fr ! ibm ! com (Daniel Lezcano)
Date:       2010-07-12 12:56:47
Message-ID: 1278939408-4086-6-git-send-email-dlezcano () fr ! ibm ! com
[Download RAW message or body]

Prevent to specify a file not belonging to us as the output for the console

Signed-off-by: Daniel Lezcano <dlezcano at fr.ibm.com>
---
 src/lxc/console.c |   11 ++++++-----
 1 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/src/lxc/console.c b/src/lxc/console.c
index 1ab2b29..edefc41 100644
--- a/src/lxc/console.c
+++ b/src/lxc/console.c
@@ -30,10 +30,10 @@
 #include <sys/types.h>
 #include <sys/un.h>
 
-#include <lxc/log.h>
-#include <lxc/conf.h>
-#include <lxc/start.h> 	/* for struct lxc_handler */
-
+#include "log.h"
+#include "conf.h"
+#include "start.h" 	/* for struct lxc_handler */
+#include "caps.h"
 #include "commands.h"
 #include "mainloop.h"
 #include "af_unix.h"
@@ -192,7 +192,8 @@ int lxc_create_console(struct lxc_conf *conf)
 		goto err;
 	}
 
-	fd = open(console->path, O_CLOEXEC | O_RDWR | O_CREAT | O_APPEND, 0600);
+	fd = lxc_unpriv(open(console->path, O_CLOEXEC | O_RDWR | O_CREAT |
+			     O_APPEND, 0600));
 	if (fd < 0) {
 		SYSERROR("failed to open '%s'", console->path);
 		goto err;
-- 
1.7.0.4




[prev in list] [next in list] [prev in thread] [next in thread]