Skip to content

Commit 4f2c1dd

Browse files
author
Jakub Filak
committed
ccpp: do not read data from root directories
Users are allowed to modify /proc/[pid]/root to any directory by running their own MOUNT namespace. Related: #1211835 Signed-off-by: Jakub Filak <jfilak@redhat.com>
1 parent 17cb66b commit 4f2c1dd

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

Diff for: src/hooks/abrt-hook-ccpp.c

+1-1
Original file line numberDiff line numberDiff line change
@@ -678,7 +678,7 @@ int main(int argc, char** argv)
678678
{
679679
char *rootdir = get_rootdir(pid);
680680

681-
dd_create_basic_files(dd, fsuid, (rootdir && strcmp(rootdir, "/") != 0) ? rootdir : NULL);
681+
dd_create_basic_files(dd, fsuid, NULL);
682682

683683
char source_filename[sizeof("/proc/%lu/somewhat_long_name") + sizeof(long)*3];
684684
int source_base_ofs = sprintf(source_filename, "/proc/%lu/smaps", (long)pid);

0 commit comments

Comments
 (0)