]> git.proxmox.com Git - mirror_lxcfs.git/commitdiff
projects / mirror_lxcfs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6540dd4)
sysfs: forbid write()
authorAlexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
Fri, 15 Mar 2024 15:47:57 +0000 (16:47 +0100)
committerAlexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
Fri, 15 Mar 2024 15:47:57 +0000 (16:47 +0100)
It's just dangerous to allow passthrough of write()
syscall anywhere under emulated sysfs subtree.

Let's forbid it.

Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
src/sysfs_fuse.c patch | blob | blame | history

diff --git a/src/sysfs_fuse.c b/src/sysfs_fuse.c
index d26d7c742d9068caa2d72fd8dd5896c9b39fb5d7..bf75ba99f34b89e8922521b5a2d749e0dd953fe7 100644 (file)
--- a/src/sysfs_fuse.c
+++ b/src/sysfs_fuse.c
@@ -307,11 +307,7 @@ __lxcfs_fuse_ops int sys_write(const char *path, const char *buf, size_t size,
        if (f->type != LXC_TYPE_SYS_DEVICES_SYSTEM_CPU_SUBFILE)
                return -EINVAL;
 
-       fd = open(path, O_WRONLY | O_CLOEXEC);
-       if (fd == -1)
-               return -errno;
-
-       return pwrite(fd, buf, size, offset);
+       return -EACCES;
 }
 
 static int sys_readdir_legacy(const char *path, void *buf, fuse_fill_dir_t filler,
LXCFS mirror