With the capabilities, the open of the log file can be done on any file, making possible to modifify the content of the file.
Let's drop the privilege when opening the file, so we ensure that is no longer possible. Signed-off-by: Daniel Lezcano <dlezc...@fr.ibm.com> --- src/lxc/log.c | 6 ++++-- 1 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/lxc/log.c b/src/lxc/log.c index 596ed99..0661360 100644 --- a/src/lxc/log.c +++ b/src/lxc/log.c @@ -33,7 +33,8 @@ #include <fcntl.h> #include <stdlib.h> -#include <lxc/log.h> +#include "log.h" +#include "caps.h" #define LXC_LOG_PREFIX_SIZE 32 #define LXC_LOG_BUFFER_SIZE 512 @@ -127,7 +128,8 @@ static int log_open(const char *name) int fd; int newfd; - fd = open(name, O_CREAT | O_WRONLY | O_APPEND | O_CLOEXEC, 0666); + fd = lxc_unpriv(open(name, O_CREAT | O_WRONLY | + O_APPEND | O_CLOEXEC, 0666)); if (fd == -1) { ERROR("failed to open log file \"%s\" : %s", name, strerror(errno)); -- 1.7.0.4 ------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel