From 1ff74fb6e3243a2ade9ac38aa5effccb25432ad1 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 9 Jun 2016 10:01:16 +0200 Subject: execute: check whether the specified fd is a tty before chowning/chmoding it (#3457) Let's add an extra safety check before we chmod/chown a TTY to the right user, as we might end up having connected something to STDIN/STDOUT that is actually not a TTY, even though this might have been requested, due to permissive StandardInput= settings or transient service activation with fds passed in. Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=85255 --- src/core/execute.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'src') diff --git a/src/core/execute.c b/src/core/execute.c index 2cef70e668..e718c43df9 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -552,6 +552,10 @@ static int chown_terminal(int fd, uid_t uid) { assert(fd >= 0); + /* Before we chown/chmod the TTY, let's ensure this is actually a tty */ + if (isatty(fd) < 1) + return 0; + /* This might fail. What matters are the results. */ (void) fchown(fd, uid, -1); (void) fchmod(fd, TTY_MODE); -- cgit v1.2.3-54-g00ecf