diff options
| author | Ali Mohammad Pur <ali.mpfard@gmail.com> | 2021-05-30 00:05:55 +0430 |
|---|---|---|
| committer | Andreas Kling <kling@serenityos.org> | 2021-05-29 22:05:34 +0200 |
| commit | 90de1ded55313259eaa07185e47f67a6c4b35bdd (patch) | |
| tree | 353e759edb47ff991769779055af5473df4d8dd3 /Tests | |
| parent | 8ce015742d32a390f965e5d75252fd0a73aef388 (diff) | |
| download | serenity-90de1ded55313259eaa07185e47f67a6c4b35bdd.zip | |
Kernel: Ensure that an unveil node with no permission is never accepted
Otherwise nodes inheriting from root may still be accessed with
`access(..., F_OK)`.
Also adds a test case to TestKernelUnveil about this behaviour.
Diffstat (limited to 'Tests')
| -rw-r--r-- | Tests/Kernel/TestKernelUnveil.cpp | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/Tests/Kernel/TestKernelUnveil.cpp b/Tests/Kernel/TestKernelUnveil.cpp index 17faade242..884bf18314 100644 --- a/Tests/Kernel/TestKernelUnveil.cpp +++ b/Tests/Kernel/TestKernelUnveil.cpp @@ -52,4 +52,8 @@ TEST_CASE(test_failures) res = unveil("/bin", "w"); if (res >= 0) FAIL("unveil permitted after unveil state locked"); + + res = access("/bin/id", F_OK); + if (res == 0) + FAIL("access(..., F_OK) permitted after locked veil without relevant unveil"); } |