From 2ea3add3ad82f5dcd108e53d63e8e03aa2d93123 Mon Sep 17 00:00:00 2001 From: Gian-Carlo Pascutto Date: Mon, 7 Jan 2019 15:21:32 +0000 Subject: [PATCH] Bug 1511099 - Make MAY_CREATE handling more consistent. r=jld Differential Revision: https://phabricator.services.mozilla.com/D13523 --HG-- extra : moz-landing-system : lando --- security/sandbox/linux/broker/SandboxBroker.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/security/sandbox/linux/broker/SandboxBroker.cpp b/security/sandbox/linux/broker/SandboxBroker.cpp index 1f6b8f9978c5..cb65a51834dc 100644 --- a/security/sandbox/linux/broker/SandboxBroker.cpp +++ b/security/sandbox/linux/broker/SandboxBroker.cpp @@ -383,7 +383,7 @@ static bool AllowOperation(int aReqFlags, int aPerms) { } // We don't really allow executing anything, // so in true unix tradition we hijack this - // for directories. + // for directory access (creation). if (aReqFlags & X_OK) { needed |= SandboxBroker::MAY_CREATE; } @@ -857,7 +857,7 @@ void SandboxBroker::ThreadMain(void) { case SANDBOX_FILE_LINK: case SANDBOX_FILE_SYMLINK: - if (permissive || AllowOperation(W_OK, perms)) { + if (permissive || AllowOperation(W_OK | X_OK, perms)) { if (DoLink(pathBuf, pathBuf2, req.mOp) == 0) { resp.mError = 0; } else { @@ -869,7 +869,7 @@ void SandboxBroker::ThreadMain(void) { break; case SANDBOX_FILE_RENAME: - if (permissive || AllowOperation(W_OK, perms)) { + if (permissive || AllowOperation(W_OK | X_OK, perms)) { if (rename(pathBuf, pathBuf2) == 0) { resp.mError = 0; } else { @@ -900,7 +900,7 @@ void SandboxBroker::ThreadMain(void) { break; case SANDBOX_FILE_UNLINK: - if (permissive || AllowOperation(W_OK, perms)) { + if (permissive || AllowOperation(W_OK | X_OK, perms)) { if (unlink(pathBuf) == 0) { resp.mError = 0; } else {