summaryrefslogtreecommitdiff
path: root/src/import
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2015-01-22 18:19:58 +0100
committerLennart Poettering <lennart@poettering.net>2015-01-22 18:19:58 +0100
commit7315edd36a144e746dbcc43cef2206441969ca34 (patch)
treecf65f59208c81d2b77d864e0a0c576794e123182 /src/import
parent2c140ded48fc31e3c80a92a1f755a2b1ab6e1a30 (diff)
import: lock tar into its own private network namespace
That way it cannot get access to the network
Diffstat (limited to 'src/import')
-rw-r--r--src/import/import-common.c9
1 files changed, 5 insertions, 4 deletions
diff --git a/src/import/import-common.c b/src/import/import-common.c
index b490c435d2..f4643133e9 100644
--- a/src/import/import-common.c
+++ b/src/import/import-common.c
@@ -507,11 +507,12 @@ int import_fork_tar(const char *path, pid_t *ret) {
fd_cloexec(STDOUT_FILENO, false);
fd_cloexec(STDERR_FILENO, false);
+ if (unshare(CLONE_NEWNET) < 0)
+ log_error_errno(errno, "Failed to lock tar into network namespace, ignoring: %m");
+
r = capability_bounding_set_drop(~retain, true);
- if (r < 0) {
- log_error_errno(errno, "Failed to drop capabilities, ignoring: %m");
- _exit(EXIT_FAILURE);
- }
+ if (r < 0)
+ log_error_errno(r, "Failed to drop capabilities, ignoring: %m");
execlp("tar", "tar", "--numeric-owner", "-C", path, "-px", NULL);
log_error_errno(errno, "Failed to execute tar: %m");