RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-24 22:47:44 +00:00
Code Issues Activity Actions

Kernel: Ensure that an unveil node with no permission is never accepted

Browse source 
Otherwise nodes inheriting from root may still be accessed with
`access(..., F_OK)`.
Also adds a test case to TestKernelUnveil about this behaviour.
This commit is contained in:
Ali Mohammad Pur 2021-05-30 00:05:55 +04:30 committed by Andreas Kling
parent 8ce015742d
commit 90de1ded55
2 changed files with 5 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Tests/Kernel/TestKernelUnveil.cpp
View file

@ -52,4 +52,8 @@ TEST_CASE(test_failures)
res = unveil("/bin", "w");
if (res >= 0)
FAIL("unveil permitted after unveil state locked");
res = access("/bin/id", F_OK);
if (res == 0)
FAIL("access(..., F_OK) permitted after locked veil without relevant unveil");
}