| Message ID | 20240410083828.20650-1-heinrich.schuchardt@canonical.com |
|---|---|
| State | New |
| Delegated to | Simon Glass |
| Series | [1/1] sandbox: use sane access rights for files |
On 4/10/24 04:38, Heinrich Schuchardt wrote:

> When writing an executable, allowing other users to modify it introduces > a security issue. > > Generally we should avoid giving other users write access to our files by > default. > > Replace chmod(777) by chmod(755) and chmod(644). > > Fixes: 47f5fcfb4169 ("sandbox: Add os_jump_to_image() to run another executable") > Fixes: d9165153caea ("sandbox: add flags for open() call") > Fixes: 5c2859cdc302 ("sandbox: Allow reading/writing of RAM buffer") > Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> > --- > arch/sandbox/cpu/os.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > diff --git a/arch/sandbox/cpu/os.c b/arch/sandbox/cpu/os.c > index cbae5109e85..1cf41578010 100644 > --- a/arch/sandbox/cpu/os.c > +++ b/arch/sandbox/cpu/os.c > @@ -109,7 +109,7 @@ int os_open(const char *pathname, int os_flags) > */ > flags |= O_CLOEXEC; > > - return open(pathname, flags, 0777); > + return open(pathname, flags, 0644); > } > > int os_close(int fd) > @@ -746,7 +746,7 @@ int os_write_ram_buf(const char *fname) > struct sandbox_state *state = state_get_current(); > int fd, ret; > > - fd = open(fname, O_CREAT | O_WRONLY, 0777); > + fd = open(fname, O_CREAT | O_WRONLY, 0644); > if (fd < 0) > return -ENOENT; > ret = write(fd, state->ram_buf, state->ram_size); > @@ -791,7 +791,7 @@ static int make_exec(char *fname, const void *data, int size) > if (write(fd, data, size) < 0) > return -EIO; > close(fd); > - if (chmod(fname, 0777)) > + if (chmod(fname, 0755)) > return -ENOEXEC; > > return 0;

Reviewed-by: Sean Anderson <seanga2@gmail.com>
diff --git a/arch/sandbox/cpu/os.c b/arch/sandbox/cpu/os.c index cbae5109e85..1cf41578010 100644 --- a/arch/sandbox/cpu/os.c +++ b/arch/sandbox/cpu/os.c @@ -109,7 +109,7 @@ int os_open(const char *pathname, int os_flags) */ flags |= O_CLOEXEC; - return open(pathname, flags, 0777); + return open(pathname, flags, 0644); } int os_close(int fd) @@ -746,7 +746,7 @@ int os_write_ram_buf(const char *fname) struct sandbox_state *state = state_get_current(); int fd, ret; - fd = open(fname, O_CREAT | O_WRONLY, 0777); + fd = open(fname, O_CREAT | O_WRONLY, 0644); if (fd < 0) return -ENOENT; ret = write(fd, state->ram_buf, state->ram_size); @@ -791,7 +791,7 @@ static int make_exec(char *fname, const void *data, int size) if (write(fd, data, size) < 0) return -EIO; close(fd); - if (chmod(fname, 0777)) + if (chmod(fname, 0755)) return -ENOEXEC; return 0;
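Review bot: the mode in `return open(pathname, flags, 0644);` is consulted only when O_CREAT is among the flags and is further masked by the process umask, so this hunk narrows the permissions of files os_open() creates and leaves files it merely opens untouched; 0644 is the right default for data, but any caller that relied on os_open() to create something it later executes now needs an explicit chmod, as make_exec() already does in the third hunk.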
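Review bot: `fd = open(fname, O_CREAT | O_WRONLY, 0644);` applies the mode only when it creates the file, so a RAM buffer file left behind world-writable by a run before this fix keeps its 0777 bits; if that case matters, an fchmod(fd, 0644) after a successful open() covers both new and existing files. Two pre-existing points on the same visible lines: without O_TRUNC a smaller state->ram_size written over an older, larger file leaves stale bytes at the tail, and returning -ENOENT for every open() failure hides EACCES and other causes, where -errno would be more informative.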
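Review bot: `if (chmod(fname, 0755))` runs by path after close(fd), which leaves a window in which the freshly written file carries only its create-time mode and makes the mode change depend on a second lookup of fname; calling fchmod(fd, 0755) before close(fd) applies the mode to the descriptor that was just written. Also, the visible error path `if (write(fd, data, size) < 0) return -EIO;` returns without closing fd, and a short write (a return value smaller than size) is treated as success.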
When writing an executable, allowing other users to modify it introduces
a security issue.

Generally we should avoid giving other users write access to our files by
default.

Replace chmod(777) by chmod(755) and chmod(644).

Fixes: 47f5fcfb4169 ("sandbox: Add os_jump_to_image() to run another executable")
Fixes: d9165153caea ("sandbox: add flags for open() call")
Fixes: 5c2859cdc302 ("sandbox: Allow reading/writing of RAM buffer")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
---
 arch/sandbox/cpu/os.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)