On Fri, Jun 27, 2014 at 1:46 PM, Morten Kvistgaard
<[email protected]> wrote:
> A small detail, why do you check if the root_fd is valid? Eg.
>
> ...
> if (G.root_fd >= 0) {
> ...
>
> It shouldn't be possible for it to be invalid and the old code didn't
> validate it either.
I added this in the next patch:
#if !BB_MMU
- G.root_fd = xopen("/", O_RDONLY | O_DIRECTORY);
- close_on_exec_on(G.root_fd);
+ G.root_fd = -1;
#endif
argv += optind;
if (argv[0]) {
+#if !BB_MMU
+ G.root_fd = xopen("/", O_RDONLY | O_DIRECTORY);
+ close_on_exec_on(G.root_fd);
+#endif
xchroot(argv[0]);
}
This way we avoid "chroot jailbreak" games when it is not necessary
(i.e. if ftpd is run without DIR parameter).
_______________________________________________
busybox mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/busybox
