diff options
| author | Andreas Kling <awesomekling@gmail.com> | 2019-03-01 23:54:07 +0100 |
|---|---|---|
| committer | Andreas Kling <awesomekling@gmail.com> | 2019-03-01 23:54:07 +0100 |
| commit | f75eb9af16b7bb58fa2d862ab550e79a2849929c (patch) | |
| tree | 7c70222804d9d3ddd17b4e8c7e3f037a978a98ad /Kernel | |
| parent | 4f9b6a88a6dd26c0dca188936573c34c112c7d74 (diff) | |
| download | serenity-f75eb9af16b7bb58fa2d862ab550e79a2849929c.zip | |
Kernel: Support chdir() to a directory that's executable but not readable.
Also the superuser should be allowed to resolve any possible path without
getting tripped up by EACCES.
Diffstat (limited to 'Kernel')
| -rw-r--r-- | Kernel/Process.cpp | 11 | ||||
| -rw-r--r-- | Kernel/VirtualFileSystem.cpp | 15 | ||||
| -rw-r--r-- | Kernel/VirtualFileSystem.h | 1 |
3 files changed, 19 insertions, 8 deletions
diff --git a/Kernel/Process.cpp b/Kernel/Process.cpp index 7d0e549c3b..e245202e05 100644 --- a/Kernel/Process.cpp +++ b/Kernel/Process.cpp @@ -1273,13 +1273,10 @@ int Process::sys$chdir(const char* path) { if (!validate_read_str(path)) return -EFAULT; - int error; - auto descriptor = VFS::the().open(path, error, 0, 0, cwd_inode()); - if (!descriptor) - return error; - if (!descriptor->is_directory()) - return -ENOTDIR; - m_cwd = descriptor->inode(); + auto directory_or_error = VFS::the().open_directory(String(path), cwd_inode()); + if (directory_or_error.is_error()) + return directory_or_error.error(); + m_cwd = *directory_or_error.value(); return 0; } diff --git a/Kernel/VirtualFileSystem.cpp b/Kernel/VirtualFileSystem.cpp index b3d952db73..5c5edc1b79 100644 --- a/Kernel/VirtualFileSystem.cpp +++ b/Kernel/VirtualFileSystem.cpp @@ -290,6 +290,19 @@ KResult VFS::access(const String& path, int mode, Inode& base) return KSuccess; } +KResultOr<Retained<Inode>> VFS::open_directory(const String& path, Inode& base) +{ + auto inode_or_error = resolve_path_to_inode(path, base); + if (inode_or_error.is_error()) + return inode_or_error.error(); + auto inode = inode_or_error.value(); + if (!inode->is_directory()) + return KResult(-ENOTDIR); + if (!inode->metadata().may_execute(*current) && !current->is_superuser()) + return KResult(-EACCES); + return Retained<Inode>(*inode); +} + KResult VFS::chmod(Inode& inode, mode_t mode) { if (inode.fs().is_readonly()) @@ -554,7 +567,7 @@ KResultOr<InodeIdentifier> VFS::resolve_path(const String& path, InodeIdentifier #endif return KResult(-ENOTDIR); } - if (!metadata.may_execute(*current)) + if (!metadata.may_execute(*current) && !current->is_superuser()) return KResult(-EACCES); auto parent = crumb_id; crumb_id = crumb_inode->lookup(part); diff --git a/Kernel/VirtualFileSystem.h b/Kernel/VirtualFileSystem.h index 5fa5538cb3..cd23244840 100644 --- a/Kernel/VirtualFileSystem.h +++ b/Kernel/VirtualFileSystem.h @@ -75,6 +75,7 @@ public: KResult access(const String& path, int mode, Inode& base); bool stat(const String& path, int& error, int options, Inode& base, struct stat&); KResult utime(const String& path, Inode& base, time_t atime, time_t mtime); + KResultOr<Retained<Inode>> open_directory(const String& path, Inode& base); void register_device(Device&); void unregister_device(Device&); |