fs-util: add new CHASE_SAFE flag to chase_symlinks() 48/219148/2
author Mateusz Moscicki <m.moscicki2@partner.samsung.com>
Wed, 20 Nov 2019 13:34:23 +0000 (14:34 +0100)
committer INSUN PYO <insun.pyo@samsung.com>
Wed, 4 Dec 2019 23:56:26 +0000 (08:56 +0900)
commit 1d71394847e4dddf154135ef55222cc28419a91e
tree 1def8c9dbdd0f62592b4c876bf09fa9ab2e1b326
parent a55041b1112692587020daf16ac8831834afb922
fs-util: add new CHASE_SAFE flag to chase_symlinks()

When the flag is specified we won't transition to a privilege-owned
file or directory from an unprivileged-owned one. This is useful when
privileged code wants to load data from a file unprivileged users have
write access to, and validates the ownership, but wants to make sure
that no symlink games are played to read a root-owned system file
belonging to a different context.

(cherry picked from commit f14f1806e329fe92d01f15c22a384702f0cb4ae0)

Change-Id: I86dfede53114a23d708744a9c47abc9eaf05a8d1
Related: #1663143
src/basic/fs-util.c
src/basic/fs-util.h
src/test/test-fs-util.c
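
An added example, not code from this commit or from systemd, of the check the commit message describes: an absolute path is resolved one hop at a time with symlinks followed by hand, and resolution stops when a hop leads from an unprivileged-owned object to one with a different owner. Assumptions: `chase_safe()` and `transition_is_safe()` are hypothetical names, uid 0 stands for "privileged", any owner change that starts from a non-root owner is refused, the `-EPERM` result is this example's choice, and the code needs Linux (`O_PATH`).

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Assumed rule: leaving a root-owned object is fine, otherwise the owner must not change. */
int transition_is_safe(uid_t from, uid_t to) { return from == 0 || from == to; }

/* Returns an O_PATH fd for the resolved path, -EPERM on an unsafe hop, or another -errno. */
int chase_safe(const char *path) {
    char todo[PATH_MAX], joined[2 * PATH_MAX];
    struct stat prev = { .st_uid = 0 }, cur;   /* the privileged caller is the first "from" side */
    int fd = -1, next, r = 0, links = 0;
    if (path[0] != '/' || strlen(path) >= sizeof todo) return -EINVAL;
    strcpy(todo, path);
    for (char *p = todo; *p;) {
        char target[PATH_MAX] = "";            /* re-zeroed each pass: readlinkat() adds no NUL */
        char *end = *p == '/' ? p + 1 : p + strcspn(p, "/"), saved = *end;  /* leading '/': hop to root */
        *end = '\0';
        next = openat(fd, p, O_PATH | O_NOFOLLOW | O_CLOEXEC);   /* the kernel follows nothing */
        *end = saved;
        if (next < 0) { r = -errno; break; }
        if (fstat(next, &cur) < 0) r = -errno;
        else if (!transition_is_safe(prev.st_uid, cur.st_uid)) r = -EPERM;
        else if (!S_ISLNK(cur.st_mode)) {      /* plain hop: descend and go on */
            if (fd >= 0) close(fd);
            fd = next; prev = cur; p = end + strspn(end, "/");
            continue;
        } else if (++links > 32) r = -ELOOP;
        else r = readlinkat(next, "", target, sizeof target - 1) < 0 ? -errno : 0;
        close(next);
        if (r < 0) break;
        if (snprintf(joined, sizeof joined, "%s%s", target, end) >= (int) sizeof todo) { r = -ENAMETOOLONG; break; }
        p = strcpy(todo, joined);              /* splice the target in front of the remainder */
        prev = cur;                            /* the symlink's owner is the next "from" side */
    }
    if (r < 0 && fd >= 0) close(fd);
    return r < 0 ? r : fd;
}

int main(int argc, char **argv) {
    int fd = chase_safe(argc > 1 ? argv[1] : "/");
    printf("%s\n", fd < 0 ? strerror(-fd) : "resolved without an unsafe transition");
    return fd < 0;
}
```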