Changeset 66632 in vbox for trunk/src/VBox/HostDrivers

Timestamp:

Apr 20, 2017 2:43:46 PM (8 years ago)

Author:

vboxsync

Message:

HostDrivers/Support: Allow following symlinks on Linux for libraries loaded through dlopen()

Location:

trunk/src/VBox/HostDrivers/Support

Files:

• SUPLibInternal.h (modified) (1 diff)
• SUPR3HardenedVerify.cpp (modified) (8 diffs)
• posix/SUPR3HardenedMain-posix.cpp (modified) (1 diff)

trunk/src/VBox/HostDrivers/Support/SUPLibInternal.h

@@ -449 +449 @@
 DECLHIDDEN(int)     supR3HardenedVerifyFile(const char *pszFilename, RTHCUINTPTR hNativeFile, bool fMaybe3rdParty,
                                             PRTERRINFO pErrInfo);
-#ifdef RT_OS_DARWIN
+#if defined(RT_OS_DARWIN) || defined(RT_OS_LINUX)
 DECLHIDDEN(int)     supR3HardenedVerifyFileFollowSymlinks(const char *pszFilename, RTHCUINTPTR hNativeFile, bool fMaybe3rdParty,
                                                           PRTERRINFO pErrInfo);

trunk/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp

@@ -1036 +1036 @@
 }
 
-#ifdef RT_OS_DARWIN
+
+#if defined(RT_OS_DARWIN) || defined(RT_OS_LINUX)
 /**
  * Copies the four messages into the error buffer and returns @a rc.
@@ -1053 +1054 @@
     return supR3HardenedSetErrorN(rc, pErrInfo, 4, pszMsg1, pszMsg2, pszMsg3, pszMsg4);
 }
-#endif /* RT_OS_DARWIN */
+#endif
 
 
@@ -1072 +1073 @@
 }
 
+
 #ifdef SOME_UNUSED_FUNCTION
-
 /**
  * Copies the two messages into the error buffer and returns @a rc.
@@ -1088 +1089 @@
     return supR3HardenedSetErrorN(rc, pErrInfo, 2, pszMsg1, pszMsg2);
 }
-
-#endif /* SOME_UNUSED_FUNCTION */
-
-#ifdef RT_OS_DARWIN
-
+#endif
+
+
+#if defined(RT_OS_DARWIN) || defined(RT_OS_LINUX)
 /**
  * Copies the error message to the error buffer and returns @a rc.
@@ -1105 +1105 @@
     return supR3HardenedSetErrorN(rc, pErrInfo, 1, pszMsg);
 }
-
 #endif
 
@@ -1501 +1500 @@
     /*
      * World must not have write access.  There is no relaxing this rule.
-     */
-    if (pFsObjState->Stat.st_mode & S_IWOTH)
+     * Linux exception: Symbolic links are always give permission 0777, there
+     *                  is no lchmod or lchown APIs.  The permissions on parent
+     *                  directory that contains the symbolic link is what is
+     *                  decising wrt to modifying it.  (Caller is expected not
+     *                  to allow symbolic links in the first path component.)
+     */
+    if (   (pFsObjState->Stat.st_mode & S_IWOTH)
+# ifdef RT_OS_LINUX
+        && (   !S_ISLNK(pFsObjState->Stat.st_mode)
+            || !fSymlinksAllowed /* paranoia */)
+# endif
+       )
         return supR3HardenedSetError3(VERR_SUPLIB_WORLD_WRITABLE, pErrInfo,
                                       "World writable: '", pszPath, "'");
@@ -1846 +1855 @@
 
 
-#ifdef RT_OS_DARWIN
+#if defined(RT_OS_DARWIN) || defined(RT_OS_LINUX)
 /**
  * Verfies a file following symlinks.
@@ -2001 +2010 @@
     return VINF_SUCCESS;
 }
-#endif /* RT_OS_DARWIN */
+#endif /* RT_OS_DARWIN || RT_OS_LINUX */
 
 

trunk/src/VBox/HostDrivers/Support/posix/SUPR3HardenedMain-posix.cpp

@@ -190 +190 @@
         && strchr(pszFilename, '/') != NULL)
     {
-#ifdef RT_OS_DARWIN
+#if defined(RT_OS_DARWIN) || defined(RT_OS_LINUX)
         int rc = supR3HardenedVerifyFileFollowSymlinks(pszFilename, RTHCUINTPTR_MAX, true /* fMaybe3rdParty */,
                                                        NULL /* pErrInfo */);