Skip to content
Permalink
Browse files Browse the repository at this point in the history
ccpp: do not read data from root directories
Users are allowed to modify /proc/[pid]/root to any directory by running
their own MOUNT namespace.

Related: #1211835

Signed-off-by: Jakub Filak <jfilak@redhat.com>
  • Loading branch information
Jakub Filak committed Apr 28, 2015
1 parent 17cb66b commit 4f2c1dd
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/hooks/abrt-hook-ccpp.c
Expand Up @@ -678,7 +678,7 @@ int main(int argc, char** argv)
{
char *rootdir = get_rootdir(pid);

dd_create_basic_files(dd, fsuid, (rootdir && strcmp(rootdir, "/") != 0) ? rootdir : NULL);
dd_create_basic_files(dd, fsuid, NULL);

char source_filename[sizeof("/proc/%lu/somewhat_long_name") + sizeof(long)*3];
int source_base_ofs = sprintf(source_filename, "/proc/%lu/smaps", (long)pid);
Expand Down

0 comments on commit 4f2c1dd

Please sign in to comment.