Don't allow setting hostname if not unsharing UTS namespace

This is normally verified on argument validation, but it may happen if someone managed to send custom priv-sep operations via e.g. ptrace. See containers#107
alexlarsson · Oct 13, 2016 · 1112870 · 1112870
1 parent cd408b3
commit 1112870
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/bubblewrap.c b/bubblewrap.c
@@ -612,6 +612,10 @@ privileged_op (int         privileged_op_socket,
       break;
 
     case PRIV_SEP_OP_SET_HOSTNAME:
+      /* This is checked at the start, but lets verify it here in case
+         something manages to send hacked priv-sep operation requests. */
+      if (!opt_unshare_uts)
+        die ("Refusing to set hostname in original namespace");
       if (sethostname (arg1, strlen(arg1)) != 0)
         die_with_error ("Can't set hostname to %s", arg1);
       break;