Prevent to specify a file not belonging to us as the output for the console
Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com> --- src/lxc/console.c | 11 ++++++----- 1 files changed, 6 insertions(+), 5 deletions(-) diff --git a/src/lxc/console.c b/src/lxc/console.c index 1ab2b29..edefc41 100644 --- a/src/lxc/console.c +++ b/src/lxc/console.c @@ -30,10 +30,10 @@ #include <sys/types.h> #include <sys/un.h> -#include <lxc/log.h> -#include <lxc/conf.h> -#include <lxc/start.h> /* for struct lxc_handler */ - +#include "log.h" +#include "conf.h" +#include "start.h" /* for struct lxc_handler */ +#include "caps.h" #include "commands.h" #include "mainloop.h" #include "af_unix.h" @@ -192,7 +192,8 @@ int lxc_create_console(struct lxc_conf *conf) goto err; } - fd = open(console->path, O_CLOEXEC | O_RDWR | O_CREAT | O_APPEND, 0600); + fd = lxc_unpriv(open(console->path, O_CLOEXEC | O_RDWR | O_CREAT | + O_APPEND, 0600)); if (fd < 0) { SYSERROR("failed to open '%s'", console->path); goto err; -- 1.7.0.4 ------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel