WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 

[Xen-devel] Fix for unassigned errno in xenstored_core.c

To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] Fix for unassigned errno in xenstored_core.c
From: Magnus Carlsson <magnus@xxxxxxxxxx>
Date: Fri, 10 Nov 2006 11:45:21 -0800
In-reply-to: <eacc82a40610311232o71fa6e84g64c20c03ca21e810@xxxxxxxxxxxxxx>
References: <454277E5.9070407@xxxxxxxxxx> <eacc82a40610311232o71fa6e84g64c20c03ca21e810@xxxxxxxxxxxxxx>
Dear all,

In certain cases, when a client doesn't have enough permissions, the
errno variable is not set in xenstored_core.c before its value is
reported back.  As a result, the client can learn about the errno of the
last failed request to xenstored (which could have come from another
client).  (An unintended information channel! :-)

Attached is a patch that I believe fixes the problem.  Also included are
a couple of test cases that demonstrate the problem.

Cheers,
Magnus

*** xenstore/xenstored_core.c   Sun Apr  9 15:05:54 2006
--- xs/xenstored_core.c Fri Nov  3 15:57:13 2006
***************
*** 555,562 ****
        /* If we don't have permission, we don't have node. */
        if (node) {
                if ((perm_for_conn(conn, node->perms, node->num_perms) & perm)
!                   != perm)
                        node = NULL;
        }
        /* Clean up errno if they weren't supposed to know. */
        if (!node) 
--- 555,564 ----
        /* If we don't have permission, we don't have node. */
        if (node) {
                if ((perm_for_conn(conn, node->perms, node->num_perms) & perm)
!                   != perm) {
!                       errno = EACCES;
                        node = NULL;
+               }
        }
        /* Clean up errno if they weren't supposed to know. */
        if (!node) 
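Review bot: the new `errno = EACCES` assignment covers only the permission-mismatch branch, while the trailing `if (!node)` block also runs when `node` was already NULL before this hunk. That path still depends on the earlier lookup having assigned errno, so it is worth confirming that every failure path above sets it, or the same stale value can be reported there. On style, this is a context diff with differing directory prefixes (`xenstore/` vs `xs/`) and the mail carries no Signed-off-by line; a unified diff taken from the tree root would be easier to apply.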

write /a/b v
setperm /a 1 READ
setperm /a/b 1 NONE

expect read failed: No such file or directory
read /nonexistent

setid 2

# this should presumably fail with EACCES, but fails with previous error instead
expect read failed: Permission denied
read /a/b

write /a/b v
setperm /a 1 READ
setperm /a/b 1 NONE

expect read failed: Invalid argument
read //

setid 2

# this should presumably fail with EACCES, but fails with previous error instead
expect read failed: Permission denied
read /a/b
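The stale-errno leak described in this message, reduced to a stand-alone C model. This is an added example, not code from the patch or from xenstored; the toy store, the owner-only permission check and the names `get_node_stale`, `get_node_fixed` and `denied_reply_after_miss` are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
/* Constructed toy store: one node, readable only by its owner (id 1). */
struct node { const char *path; int owner; };
static struct node store = { "/a/b", 1 };

/* A miss sets errno = ENOENT, as a backend read would. */
static struct node *lookup(const char *path)
{
    if (strcmp(store.path, path) == 0)
        return &store;
    errno = ENOENT;
    return NULL;
}

/* Pre-patch shape: permission failure drops the node, errno is untouched. */
static struct node *get_node_stale(int conn, const char *path)
{
    struct node *node = lookup(path);
    if (node && node->owner != conn)
        node = NULL;
    return node;
}

/* Post-patch shape: the permission branch assigns errno itself. */
static struct node *get_node_fixed(int conn, const char *path)
{
    struct node *node = lookup(path);
    if (node && node->owner != conn) {
        errno = EACCES;
        node = NULL;
    }
    return node;
}

typedef struct node *(*getter)(int, const char *);
/* Conn 1 misses, then conn 2 is denied; returns the errno reported to conn 2. */
static int denied_reply_after_miss(getter get)
{
    get(1, "/nonexistent");              /* leaves ENOENT behind */
    return get(2, "/a/b") ? 0 : errno;   /* conn 2 lacks permission */
}

int main(void)
{
    printf("stale errno=%d, fixed errno=%d\n",
           denied_reply_after_miss(get_node_stale),
           denied_reply_after_miss(get_node_fixed));
    return 0;
}
```

With the stale variant, connection 2 receives the ENOENT left behind by connection 1's request; with the fixed variant it receives EACCES regardless of what ran before.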