diff options
author | Richard Maw <richard.maw@codethink.co.uk> | 2015-08-04 08:55:04 +0000 |
---|---|---|
committer | Richard Maw <richard.maw@codethink.co.uk> | 2015-08-04 09:11:23 +0000 |
commit | d84401767785a8380700d5d9c805c36f5fc63980 (patch) | |
tree | 6d05341c99246bd7cce53dcac206f0c6779fb636 /src/machine | |
parent | 58a2e9acd8216f55b004e5432f76a851f7b233c0 (diff) |
machined: Relax path checks for Copy{From,To}
Absolute paths should be sufficient to prevent funny business,
and while path_is_safe() checks this, it also checks whether the path
contains . or .. components, which while odd, aren't a security risk.
Diffstat (limited to 'src/machine')
-rw-r--r-- | src/machine/machine-dbus.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/machine/machine-dbus.c b/src/machine/machine-dbus.c index dc42ffdc52..7658d7146d 100644 --- a/src/machine/machine-dbus.c +++ b/src/machine/machine-dbus.c @@ -825,13 +825,13 @@ int bus_machine_method_copy(sd_bus_message *message, void *userdata, sd_bus_erro if (r < 0) return r; - if (!path_is_absolute(src) || !path_is_safe(src)) - return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Source path must be absolute and not contain ../."); + if (!path_is_absolute(src)) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Source path must be absolute."); if (isempty(dest)) dest = src; - else if (!path_is_absolute(dest) || !path_is_safe(dest)) - return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Destination path must be absolute and not contain ../."); + else if (!path_is_absolute(dest)) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Destination path must be absolute."); r = bus_verify_polkit_async( message, |