execute: check whether the specified fd is a tty before chowning/chmoding it (#3457)

Let's add an extra safety check before we chmod/chown a TTY to the right user, as we might end up having connected something to STDIN/STDOUT that is actually not a TTY, even though this might have been requested, due to permissive StandardInput= settings or transient service activation with fds passed in. Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=85255
author: Lennart Poettering <lennart@poettering.net> 2016-06-09 10:01:16 +0200
committer: Daniel Mack <github@zonque.org> 2016-06-09 10:01:16 +0200
commit: 1ff74fb6e3243a2ade9ac38aa5effccb25432ad1 (patch)
tree: 4ae6d6ffca3550b4bdef36569935a01675f48c8a /src/core/execute.c
parent: 867476a30a01aeb22cc696bec9f9df788ca58ac1 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/src/core/execute.c b/src/core/execute.c
index 2cef70e668..e718c43df9 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -552,6 +552,10 @@ static int chown_terminal(int fd, uid_t uid) {
 
         assert(fd >= 0);
 
+        /* Before we chown/chmod the TTY, let's ensure this is actually a tty */
+        if (isatty(fd) < 1)
+                return 0;
+
         /* This might fail. What matters are the results. */
         (void) fchown(fd, uid, -1);
         (void) fchmod(fd, TTY_MODE);
author	Lennart Poettering <lennart@poettering.net>	2016-06-09 10:01:16 +0200
committer	Daniel Mack <github@zonque.org>	2016-06-09 10:01:16 +0200
commit	1ff74fb6e3243a2ade9ac38aa5effccb25432ad1 (patch)
tree	4ae6d6ffca3550b4bdef36569935a01675f48c8a /src/core/execute.c
parent	867476a30a01aeb22cc696bec9f9df788ca58ac1 (diff)