Changeset 70726 in vbox

Timestamp:

Jan 24, 2018 1:58:10 PM (7 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

120473

Message:

Do not allow SUID, SGID or sticky bits on shared folders.
bugref:9047: Clean up Linux guest vboxuser device
Shared folders are primarily intended as a convenient method of file transfer
between guest and host, but not for more complicated things. Therefore the
SUID, SGID or sticky bits do not make sense there, and this change removes
them so that people do not get wrong ideas.
Not strictly related to the vboxuser device, but same general idea.

Location:

trunk

Files:

• include/VBox/shflsvc.h (modified) (1 diff)
• src/VBox/HostServices/SharedFolders/vbsf.cpp (modified) (1 diff)

trunk/include/VBox/shflsvc.h

@@ -484 +484 @@
     pDst->BirthTime         = pSrc->BirthTime;
     pDst->Attr.fMode        = pSrc->Attr.fMode;
+    /* Clear bits which we don't pass through for security reasons. */
+    pDst->Attr.fMode       &= ~(RTFS_UNIX_ISUID | RTFS_UNIX_ISGID | RTFS_UNIX_ISTXT);
     RT_ZERO(pDst->Attr.u);
     switch (pSrc->Attr.enmAdditional)

trunk/src/VBox/HostServices/SharedFolders/vbsf.cpp

@@ -1526 +1526 @@
 #ifndef RT_OS_WINDOWS
                 /* Don't allow the guest to clear the own bit, otherwise the guest wouldn't be
-                 * able to access this file anymore. Only for guests, which set the UNIX mode. */
+                 * able to access this file anymore. Only for guests, which set the UNIX mode.
+                 * Also, clear bits which we don't pass through for security reasons. */
                 if (fMode & RTFS_UNIX_MASK)
+                {
                     fMode |= RTFS_UNIX_IRUSR;
+                    fMode &= ~(RTFS_UNIX_ISUID | RTFS_UNIX_ISGID | RTFS_UNIX_ISTXT);
+                }
 #endif