Sinipelto/banan-os
1
0
Fork 0
forked from Bananymous/banan-os
Code Pull Requests Activity

Kernel: Perform access checks when creating a file or a directory

Browse Source 
Also SYS_CREATE_DIR now uses correct relative path. It used to always
create files relative to root. And as no permission checks were tested,
file creation succeeded to root as long as path did not contain '/' :D
This commit is contained in:
Bananymous
2024-09-17 15:57:07 +03:00
parent d88ee5c9ee
commit 5e4aa75e03
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
kernel/kernel/Process.cpp
View File

@@ -807,6 +807,8 @@ namespace Kernel
{
parent_inode = parent.inode;
file_name = path;
if (!parent_inode->can_access(m_credentials, O_WRONLY))
return BAN::Error::from_errno(EACCES);
}
if (Inode::Mode(mode).ifdir())
@@ -977,7 +979,12 @@ namespace Kernel
BAN::StringView path_sv(path);
if (!path_sv.empty() && path_sv.back() == '/')
path_sv = path_sv.substring(0, path_sv.size() - 1);
if (path_sv.empty())
return BAN::Error::from_errno(EINVAL);
if (path[0] == '/')
TRY(create_file_or_dir(VirtualFileSystem::get().root_file(), path_sv, Inode::Mode::IFDIR | mode));
else
TRY(create_file_or_dir(m_working_directory, path_sv, Inode::Mode::IFDIR | mode));
return 0;
}