Bananymous
/
banan-os
1
1
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Kernel: Perform access checks when creating a file or a directory 

Also SYS_CREATE_DIR now uses correct relative path. It used to always
create files relative to root. And as no permission checks were tested,
file creation succeeded to root as long as path did not contain '/' :D
This commit is contained in:
Bananymous 2024-09-17 15:57:07 +03:00
parent d88ee5c9ee
commit 5e4aa75e03
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
kernel/kernel/Process.cpp
View File

@ -807,6 +807,8 @@ namespace Kernel
{
parent_inode = parent.inode;
file_name = path;
if (!parent_inode->can_access(m_credentials, O_WRONLY))
return BAN::Error::from_errno(EACCES);
}
if (Inode::Mode(mode).ifdir())
@ -977,7 +979,12 @@ namespace Kernel
BAN::StringView path_sv(path);
if (!path_sv.empty() && path_sv.back() == '/')
path_sv = path_sv.substring(0, path_sv.size() - 1);
if (path_sv.empty())
return BAN::Error::from_errno(EINVAL);
if (path[0] == '/')
TRY(create_file_or_dir(VirtualFileSystem::get().root_file(), path_sv, Inode::Mode::IFDIR | mode));
else
TRY(create_file_or_dir(m_working_directory, path_sv, Inode::Mode::IFDIR | mode));
return 0;
}