diff options
author | Jamie Gritton <jamie@FreeBSD.org> | 2021-02-19 22:13:35 +0000 |
---|---|---|
committer | Jamie Gritton <jamie@FreeBSD.org> | 2021-02-19 22:13:35 +0000 |
commit | d4380c0cdd0517dc038403dd5c99242ce78bdeb5 (patch) | |
tree | 7a3e2496b46683bb7ce41e27c65d3b3c77edd1ad /sys/kern/kern_jail.c | |
parent | 0f9544d03e89d180f94a7a84b110ec7d2b6c625a (diff) | |
download | src-d4380c0cdd0517dc038403dd5c99242ce78bdeb5.tar.gz src-d4380c0cdd0517dc038403dd5c99242ce78bdeb5.zip |
jail: Change both root and working directories in jail_attach(2)
jail_attach(2) performs an internal chroot operation, leaving it up to
the calling process to assure the working directory is inside the jail.
Add a matching internal chdir operation to the jail's root. Also
ignore kern.chroot_allow_open_directories, and always disallow the
operation if there are any directory descriptors open.
Reported by: mjg
Approved by: markj, kib
MFC after: 3 days
Diffstat (limited to 'sys/kern/kern_jail.c')
-rw-r--r-- | sys/kern/kern_jail.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c index b56c889eeb7e..90ab69a372d2 100644 --- a/sys/kern/kern_jail.c +++ b/sys/kern/kern_jail.c @@ -2495,7 +2495,7 @@ do_jail_attach(struct thread *td, struct prison *pr) goto e_unlock; #endif VOP_UNLOCK(pr->pr_root); - if ((error = pwd_chroot(td, pr->pr_root))) + if ((error = pwd_chroot_chdir(td, pr->pr_root))) goto e_revert_osd; newcred = crget(); |